Foxit PDF Reader and Editor Use-After-Free Vulnerability Leading to Arbitrary Code Execution
Vulnerability
A use-after-free vulnerability has been identified in Foxit PDF Reader and Foxit PDF Editor on both Windows and macOS. It affects versions prior to 13.2 on Windows and prior to 2025.2 on macOS. The issue is triggered when the application processes a crafted PDF that contains JavaScript. The script attaches an OnBlur action to a form field, and that action destroys an annotation. When the user right-clicks, the resulting focus change fires the OnBlur action, so the annotation object is released while the application's focus-change handling still references it. The result is a use-after-free condition that can corrupt memory or crash the application.
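The following C program is an added illustration of the bug class described above, not Foxit's code and not a proof of concept against the product. It models a context-menu routine that runs a document-supplied OnBlur callback during a focus change while holding a raw pointer to an annotation the callback destroys, beside a hardened variant that retains the annotation across the callback and checks its liveness before use. Every name here (Annot, Field, context_menu_vulnerable, context_menu_fixed, simulate_right_click) is this example's own assumption; freed memory is modelled with a destroyed flag so the fault is observable without relying on undefined behaviour.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of the bug class: a focus-change handler runs document
 * JavaScript (an OnBlur action) that destroys an annotation the handler still
 * holds a pointer to.  Structures and names are this example's own. */

typedef struct Annot {
    int  refcount;
    int  destroyed;   /* stands in for "memory has been freed" so the fault can
                         be observed instead of hitting real undefined behaviour */
    char name[32];
} Annot;

typedef struct Field {
    Annot *target;                   /* annotation the OnBlur action destroys */
    void (*on_blur)(struct Field *); /* document-supplied OnBlur action */
} Field;

static Annot *annot_create(const char *name) {
    Annot *a = calloc(1, sizeof *a);
    a->refcount = 1;                 /* the document's own reference */
    strncpy(a->name, name, sizeof a->name - 1);
    return a;
}

static void annot_release(Annot *a) {
    if (--a->refcount == 0)
        a->destroyed = 1;            /* real code would free(a) here */
}

/* Reading a destroyed annotation is the heap-use-after-free an ASan build
 * would report; modelled here as a -1 "fault" return. */
static int annot_name_len(const Annot *a) {
    if (a->destroyed) return -1;
    return (int)strlen(a->name);
}

/* OnBlur action attached by the crafted document: destroys the annotation. */
static void js_on_blur_destroy_annot(Field *f) { annot_release(f->target); }

/* OnBlur action of a benign document: does nothing. */
static void js_on_blur_noop(Field *f) { (void)f; }

/* Vulnerable: keeps a raw pointer to the clicked annotation across the
 * script callback that the focus change triggers. */
static int context_menu_vulnerable(Field *focused, Annot *clicked) {
    focused->on_blur(focused);       /* right-click moves focus off the field */
    return annot_name_len(clicked);  /* annotation may already be gone */
}

/* Hardened: hold a reference for the duration of the callback, then check
 * whether the document still owns the object before using it. */
static int context_menu_fixed(Field *focused, Annot *clicked) {
    clicked->refcount++;             /* retain across script execution */
    focused->on_blur(focused);
    int result;
    if (clicked->refcount == 1)      /* only our temporary reference is left */
        result = 0;                  /* script destroyed it: build no menu */
    else
        result = annot_name_len(clicked);
    annot_release(clicked);          /* drop the temporary reference */
    return result;
}

/* Build the document state and perform one right-click.
 * Returns the context-menu routine's result: -1 = use-after-free,
 * 0 = annotation gone and skipped cleanly, >0 = annotation used normally. */
static int simulate_right_click(int script_destroys, int use_fix) {
    Annot *a = annot_create("Text1");                     /* constructed input */
    Field f = { a, script_destroys ? js_on_blur_destroy_annot : js_on_blur_noop };
    int r = use_fix ? context_menu_fixed(&f, a) : context_menu_vulnerable(&f, a);
    if (!a->destroyed) annot_release(a);                  /* document's reference */
    free(a);                                              /* reclaim the modelled slot */
    return r;
}

int main(void) {
    printf("vulnerable, destroying OnBlur: %d\n", simulate_right_click(1, 0));
    printf("fixed,      destroying OnBlur: %d\n", simulate_right_click(1, 1));
    printf("vulnerable, benign OnBlur:     %d\n", simulate_right_click(0, 0));
    printf("fixed,      benign OnBlur:     %d\n", simulate_right_click(0, 1));
    return 0;
}
```

The general lesson the model shows: any native routine that runs script (or any other re-entrant callback) while holding an unowned pointer must either take a reference for the callback's duration or re-look-up the object afterwards, since the script can delete anything it can reach.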
Impact
Successful exploitation, which requires the victim to open a crafted PDF and perform the right-click interaction described above, allows arbitrary code execution on the affected system.
Remediation
On Windows, update to Foxit PDF Reader 2025.2.1 or to Foxit PDF Editor 2025.2.1, 14.0.1 or 13.2.1. On macOS, update Foxit PDF Reader or Foxit PDF Editor to 2025.2.1. Instructions for updating, and downloads of the latest versions, are provided on the Foxit website.
