Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2023-33240

Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2.

Published

2023-05-19T06:15:08.467

Last Modified

2025-01-21T20:15:30.390

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 7.8 (HIGH)

Weaknesses

Type: Primary
NVD-CWE-noinfo
Type: Secondary
CWE-276

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	foxit	pdf_editor	≤ 10.1.11.37866	Yes
Application	foxit	pdf_editor	≤ 11.2.5.53785	Yes
Application	foxit	pdf_editor	≤ 12.1.1.15289	Yes
Application	foxit	pdf_reader	≤ 12.1.1.15289	Yes
Operating System	microsoft	windows	-	No

References

https://www.foxit.com/support/security-bulletins.html Vendor Advisory ([email protected])
https://www.foxit.com/support/security-bulletins.html Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)