In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
[
{
"cpes": [
"cpe:2.3:a:foxit:pdf_reader:-:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_reader",
"versions": [
{
"status": "affected",
"version": "0",
"versionType": "custom",
"lessThanOrEqual": "2023.3.0.23028"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:11.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:foxit:pdf_editor:12.0.0:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "11.0.0",
"versionType": "custom",
"lessThanOrEqual": "11.2.8.53842"
},
{
"status": "affected",
"version": "12.0.0",
"versionType": "custom",
"lessThanOrEqual": "12.1.4.15400"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:13.0:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "13.0",
"lessThan": "13.0.1.21693",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
},
{
"cpes": [
"cpe:2.3:a:foxit:pdf_editor:2023.0:*:*:*:*:*:*:*"
],
"vendor": "foxit",
"product": "pdf_editor",
"versions": [
{
"status": "affected",
"version": "2023.0",
"versionType": "custom",
"lessThanOrEqual": "2023.3.0.23028"
}
],
"defaultStatus": "unknown"
}
]