Heads up, Foxit Reader users! The vendors have recently rolled out an update to Foxit Reader since patching a serious code execution flaw. Exploiting this vulnerability via malicious PDFs could potentially allow for an adversary to take control of target systems.
Foxit Reader Vulnerability Allowing RCE Attacks
A security researcher from Cisco Talos discovered a serious security flaw affecting the Foxit Reader.
As explained in their advisory, the vulnerability, CVE-2021-21822, could let an adversary execute malicious codes on the target device. Whereas, exploiting this bug merely required an attacker to create a malicious PDF. As stated in the advisory,
This vulnerability has achieved a high-severity rating with a CVSS score of 8.8.
More Bugs Also Fixed
Alongside this vulnerability, Foxit has also released security fixes for 14 other security flaws. These vulnerabilities caught Foxit’s attention following the reports from other security researchers.
Eventually, Foxit released patches for all the bugs as elaborated in their security bulletin.
As the vendors confirmed, the vulnerabilities predominantly affected the previous versions of Foxit products. These specifically include Foxit Reader (10.1.3.37598 and earlier) and Foxit PhantomPDF (10.1.3.37598 and all previous 10.x versions, 220.127.116.11616 and earlier).
Consequently, they released the security updates with the release of Foxit Reader 10.1.4 and Foxit PhantomPDF 10.1.4.
Now that the bug fixes are out, all Foxit users must ensure updating their systems to the latest patched version.
Earlier, in 2020, Foxit had patched remote code execution vulnerabilities in Foxit Reader and PhantomPDF.
Let us know your thoughts in the comments.