CVE-2025-59803

CWE-347
4 documents
4 sources
Severity
5.3 MEDIUM
EPSS
0.0%
top 95.34%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Dec 11

Description

Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the dig

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:H/A:N
Exploitability: 1.6 | Impact: 3.6

Affected Packages
2 packages

NVD | foxit/pdf_editor | 2023.1.0.55583 | 2023.3.0.63083 | +11
NVD | foxit/pdf_reader | 2025.2.0.68868 | +1

🔴Vulnerability Details

2
GHSA
GHSA-4xr6-9wfx-7qvw: Foxit PDF Editor and Reader before 2025 | 2025-12-11
CVEList
CVE-2025-59803: Foxit PDF Editor and Reader before 2025 | 2025-12-11

🕵️Threat Intelligence

1
Wiz
CVE-2025-59803 Impact, Exploitability, and Mitigation Steps | Wiz
CVE-2025-59803 (MEDIUM CVSS 5.3) | Foxit PDF Editor and Reader before | cvebase.io