Description
The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation.
Published: 2026-04-01
Score: 7.3 High
EPSS: < 1% Very Low
KEV: No
Impact: Local Privilege Escalation
Action: Apply Patch
AI Analysis

Impact

Foxit PDF Editor and Foxit PDF Reader installers run with elevated privileges but use untrusted search paths that may include user-writable directories. This flaw allows a local attacker to place malicious binaries with the same names as system executables or DLLs; during installation those binaries will be loaded or executed instead of the legitimate files, leading to local privilege escalation. The weakness is an Untrusted Search Path (CWE-426).

Affected Systems

The affected vendor is Foxit Software Inc. and the impacted products are Foxit PDF Editor and Foxit PDF Reader. Specific affected versions are not disclosed; all installed versions of these products should be considered potentially vulnerable until an official update is applied.

Risk and Exploitability

The CVSS score for this vulnerability is 7.3, indicating high risk. EPSS data is not available and the vulnerability is not listed in KEV. Exploitation requires the attacker to have local file-write access to directories that the installer checks; once malicious files are placed in those locations, privilege escalation can occur without additional user interaction. Based on the description, the likely attack vector is a local attacker with write permissions on the target system.

Generated by OpenCVE AI on April 1, 2026 at 06:27 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Check the Foxit support portal or vendor website for an official security patch and apply it immediately.
  • Restrict write permissions on any directories that are part of the installer's search path to prevent unprivileged users from adding files.
  • Regularly review system logs for suspicious execution of installer processes or unexpected DLL loading events.
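The second action above needs an inventory of which search-path directories are actually writable by ordinary users. The following PowerShell audit is an added example, not code from OpenCVE or Foxit; it assumes the installer's untrusted search path overlaps the machine-wide PATH (the exact directories the Foxit installer probes are not disclosed on this page) and flags any entry that grants write rights to broad, non-administrative principals.

```powershell
# Added example (not OpenCVE's or Foxit's code): list machine-PATH directories
# that grant write access to broad, non-administrative principals.
# Assumption: the installer's untrusted search path overlaps the machine PATH;
# extend $searchDirs with any other directories you identify for the installer.
$searchDirs = [Environment]::GetEnvironmentVariable('Path', 'Machine') -split ';' |
    Where-Object { $_ -and (Test-Path -LiteralPath $_ -PathType Container) } |
    Select-Object -Unique

# Any of these rights lets a principal drop a same-named DLL or EXE into the directory.
# 0x40000000 is GENERIC_WRITE, which shows up un-mapped in some inherited ACEs.
$writeRights = [int][System.Security.AccessControl.FileSystemRights]::CreateFiles -bor
               [int][System.Security.AccessControl.FileSystemRights]::Write -bor
               [int][System.Security.AccessControl.FileSystemRights]::Modify -bor
               [int][System.Security.AccessControl.FileSystemRights]::FullControl -bor
               0x40000000

# Principals that cover every local user; write access for them means "user-writable".
$broadPrincipals = @(
    'Everyone',
    'BUILTIN\Users',
    'NT AUTHORITY\Authenticated Users',
    'NT AUTHORITY\INTERACTIVE'
)

$findings = foreach ($dir in $searchDirs) {
    $acl  = Get-Acl -LiteralPath $dir
    $hits = $acl.Access | Where-Object {
        $_.AccessControlType -eq 'Allow' -and
        $broadPrincipals -contains $_.IdentityReference.Value -and
        (([int]$_.FileSystemRights) -band $writeRights) -ne 0
    }
    if ($hits) {
        [PSCustomObject]@{
            Directory  = $dir
            Principals = ($hits.IdentityReference.Value | Sort-Object -Unique) -join ', '
            Rights     = ($hits.FileSystemRights | Sort-Object -Unique) -join '; '
        }
    }
}

if ($findings) {
    # Each row is a directory where an unprivileged user could plant a binary
    # that an elevated installer might resolve ahead of the legitimate system file.
    $findings | Format-Table -AutoSize
} else {
    'No user-writable directories found on the machine PATH.'
}
```

Run it from an elevated prompt on the host where the installer will execute; each reported directory should have the broad principals' write rights removed before the installer is run.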

Advisories

No advisories yet.

History

Fri, 03 Apr 2026 10:15:00 +0000

Type: First Time appeared
Values Removed: (none)
Values Added: Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader

Type: Vendors & Products
Values Removed: (none)
Values Added: Foxitsoftware; Foxitsoftware foxit Pdf Editor; Foxitsoftware foxit Reader

Wed, 01 Apr 2026 23:45:00 +0000

Type: Metrics (ssvc)
Values Removed: (none)
Values Added:

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}

Wed, 01 Apr 2026 02:15:00 +0000

Type: Description
Values Removed: (none)
Values Added: The application's installer runs with elevated privileges but resolves system executables and DLLs using untrusted search paths that can include user-writable directories, allowing a local attacker to place malicious binaries with the same names and have them loaded or executed instead of the legitimate system files, resulting in local privilege escalation.

Type: Title
Values Removed: (none)
Values Added: Foxit PDF Editor/Reader Installer Uncontrolled Search Path Privilege Escalation

Type: Weaknesses
Values Removed: (none)
Values Added: CWE-426

Type: References
Values Removed: (none)
Values Added: (none)

Type: Metrics (cvssV3_1)
Values Removed: (none)
Values Added:

{'score': 7.3, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H'}

MITRE

Status: PUBLISHED

Assigner: Foxit

Published:

Updated: 2026-04-02T02:14:27.519Z

Reserved: 2026-03-08T03:43:30.840Z

Link: CVE-2026-3780

Vulnrichment

Updated: 2026-04-01T14:17:47.193Z

NVD

Status: Awaiting Analysis

Published: 2026-04-01T02:16:03.183

Modified: 2026-04-01T14:23:37.727

Link: CVE-2026-3780

Redhat

No data.

OpenCVE Enrichment

Updated: 2026-04-03T08:58:49Z

Weaknesses