CVE-2024-32488
published 2024-04-15CVE-2024-32488: In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder…
high7.8CVSS 3.1
AVLACLPRLUINSUCHIHAH
In Foxit PDF Reader and Editor before 2024.1, Local Privilege Escalation could occur during update checks because weak permissions on the update-service folder allow attackers to place crafted DLL files there.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| foxit | pdf_editor | < 10.1.12.37872 | 10.1.12.37872 |
| foxit | pdf_editor | >= 11.0.0 < 11.2.8.53842 | 11.2.8.53842 |
| foxit | pdf_editor | >= 12.0.0 < 12.1.4.15400 | 12.1.4.15400 |
| foxit | pdf_editor | >= 13.0.0 < 13.0.1.21693 | 13.0.1.21693 |
| foxit | pdf_editor | >= 2023.1.0.15510 < 2023.3.0.23028 | 2023.3.0.23028 |
| foxit | pdf_reader | < 2023.3.0.23028 | 2023.3.0.23028 |