Foxit PDF Editor and Reader Signature Spoofing Vulnerability

Vulnerability

A signature spoofing vulnerability has been identified in Foxit PDF Editor and Reader versions prior to 2025.2.1. This vulnerability allows an attacker to embed triggers, such as JavaScript, into a PDF document. These triggers execute during the signing process, altering content on other pages or optional content layers without warning. As a result, the signed PDF may not match what the signer initially reviewed, compromising the integrity of the digital signature.

Impact

Exploitation of this vulnerability leads to a signature-based trust bypass, allowing manipulated documents to be signed without the signer's awareness of the changes.

Remediation

Users can update to Foxit PDF Editor or Reader versions 2025.2.1, 14.0.1, or 13.2.1. Instructions for updating or downloading the latest versions are available on the Foxit website.
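
Alongside updating, documents can be triaged before they are signed. The Python sketch below is an added example, not Foxit's code and not part of the original advisory: it counts PDF name keys that the PDF specification uses for actions and optional content, both in the raw file and inside Flate-compressed streams. The key list is an assumption (the advisory does not say which keys the issue involves), and the function names and sample bytes are constructed for illustration.

```python
import re
import zlib

# Name keys from the PDF specification (ISO 32000) for actions and optional
# content. Assumption: the advisory does not say which keys the issue involves.
SUSPECT_KEYS = (b"/JavaScript", b"/JS", b"/AA", b"/OpenAction", b"/OCProperties")
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)


def _count_keys(data: bytes, found: dict) -> None:
    """Count suspect keys after decoding #xx escapes, so /J#53 is seen as /JS."""
    data = _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)
    for key in SUSPECT_KEYS:
        # A name ends at whitespace or a delimiter, so /JS does not match /JSFoo.
        hits = len(re.findall(re.escape(key) + rb"(?=[\s/<>\[\](){}%]|$)", data))
        if hits:
            found[key.decode()] = found.get(key.decode(), 0) + hits


def triage_pdf(pdf_bytes: bytes) -> dict:
    """Return {key: count} for suspect keys in the file and its Flate streams."""
    found = {}
    _count_keys(pdf_bytes, found)
    for match in _STREAM.finditer(pdf_bytes):
        try:
            inflated = zlib.decompressobj().decompress(match.group(1))
        except zlib.error:
            continue  # stream is not Flate-compressed or uses another filter
        _count_keys(inflated, found)
    return found


def constructed_sample() -> bytes:
    """Constructed PDF fragment for the demo, not a real or valid document."""
    hidden = zlib.compress(b"<< /OpenAction 7 0 R /OCProperties << /OCGs [8 0 R] >> >>")
    return (b"%PDF-1.7\n3 0 obj\n<< /Type /Page /AA << /O 5 0 R >> >>\nendobj\n"
            b"5 0 obj\n<< /S /JavaScript /J#53 (placeholder) >>\nendobj\n"
            b"6 0 obj\n<< /Type /ObjStm /Filter /FlateDecode >>\nstream\n"
            + hidden + b"\nendstream\nendobj\n")


if __name__ == "__main__":
    print(triage_pdf(constructed_sample()))
```

A hit means the file carries actions or layers worth reviewing before signing, not that it exploits this issue; encrypted files and filters other than Flate are not inspected.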

Added: Dec 11, 2025, 4:21 PM
Updated: Dec 11, 2025, 4:21 PM

Vulnerability Rating

Custom Algorithm
spread: 8.4
impact: 0.6
exploitability: 4.4
remediation: 7.7
relevance: 1.4
threat: 0.0
urgency: 2.9
incentive: 0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.