Description
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts.
CVSS Metrics
- Vector
- CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Attack Vector
- local
- Complexity
- low
- Privileges
- low
- User Action
- required
- Scope
- unchanged
- Confidentiality
- high
- Integrity
- high
- Availability
- high
- Weaknesses
- CWE-494
Metadata
- Primary Vendor
- FOXIT
- Published
- 12/11/2025
- Last Modified
- 12/18/2025
- Source
- NIST NVD
- Note: Verify all details with official vendor sources before applying patches.
Affected Products
foxit : pdf_editorfoxit : pdf_editorfoxit : pdf_editorfoxit : pdf_editorfoxit : pdf_readerfoxit : pdf_editorfoxit : pdf_editorfoxit : pdf_editorfoxit : pdf_editorfoxit : pdf_reader
AI-Powered Remediation
Generate remediation guidance or a C-suite brief for this vulnerability.