Critical vulnerabilities in Foxit Reader and Foxit PhantomPDF

Cybersecurity specialists report the detection of at least three vulnerabilities in Foxit PhantomPDF and Foxit Reader for Windows, two popular PDF reading tools. According to the report, successful exploitation of these flaws would allow attackers to carry out a range of malicious actions on the affected system.

Below are brief reports of the flaws detected, in addition to their respective identification keys and scores assigned according to the Common Vulnerability Scoring System (CVSS).

CVE-2021-2183: A use-after-free bug would allow remote threat actors to execute arbitrary code on the target system.

The vulnerability received a CVSS score of 7.7/10 and its successful exploitation would allow hackers to completely compromise the affected systems.

CVE-2021-21870: A use-after-free bug allows remote hackers to execute arbitrary code on the vulnerable system.

The flaw received a CVSS score of 7.7/10, and its successful exploitation would allow attackers to compromise the vulnerable system.

CVE-2021-21893: A use-after-free bug within the “event.target” property of the affected tools would allow remote threat actors to execute arbitrary code on the compromised system.

The flaw received a CVSS score of 7.7/10 and its successful exploitation would allow remote hackers to put exposed systems at risk.

These three flaws reside in the following affected products and versions:

  • Foxit Reader for Windows: 11.0.0.49893
  • Foxit PhantomPDF: 10.1.4.37651 and 11.0.0.49893

While the vulnerabilities can be exploited by unauthenticated remote attackers, researchers have not detected any active exploitation attempts or any malware variant associated with these flaws. The flaws have already been addressed, so Foxit users are advised to upgrade to a patched version of the affected products.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.