Description
The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM.
Published: 2026-07-08
Score: 8.2 High
EPSS: < 1% Very Low
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A local privilege escalation flaw allows a low‑privilege user to place a user‑controlled executable that will be run by a high‑privilege PDF processing process. The execution grants the user full SYSTEM rights, enabling complete control over the affected machine. The vulnerability is a classic case of improper privilege management and could be used to compromise the integrity and availability of the system.

Affected Systems

Foxit Software Inc. products, specifically Foxit PDF Editor and Foxit PDF Reader, are affected. Version information is not specified in the advisory, so any installed edition may be vulnerable until patched.

Risk and Exploitability

The CVSS score of 8.2 indicates moderate‑to‑high severity. The EPSS score is currently unavailable and the vulnerability is not listed in CISA KEV, suggesting limited current exploitation activity. The likely attack vector is local: an attacker with file‑system access can craft a malicious executable that the PDF application will run, elevating privileges to SYSTEM. No remote engagement is required, and exploitation requires only that the victim opens the crafted PDF. The impact is complete compromise of the affected system.

Generated by OpenCVE AI on July 8, 2026 at 15:04 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Apply the latest Foxit PDF Editor or Reader update released by the vendor
  • If an update is unavailable, disable any feature that allows automatic execution of user‑supplied executables within PDFs
  • Enforce least‑privilege execution for the PDF viewer by ensuring it runs under a standard user account and by employing application whitelisting or OS security controls

Generated by OpenCVE AI on July 8, 2026 at 15:04 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Wed, 08 Jul 2026 15:30:00 +0000

Type Values Removed Values Added
Weaknesses CWE-269

Wed, 08 Jul 2026 13:30:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Wed, 08 Jul 2026 08:30:00 +0000

Type Values Removed Values Added
Description The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM.
Title Foxit PDF Editor/Reader Local Privilege Escalation
References
Metrics cvssV3_1

{'score': 8.2, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:N'}


Subscriptions

No data.

cve-icon MITRE

Status: PUBLISHED

Assigner: Foxit

Published:

Updated: 2026-07-08T12:17:07.949Z

Reserved: 2026-06-24T03:01:15.648Z

Link: CVE-2026-57239

cve-icon Vulnrichment

Updated: 2026-07-08T12:16:05.403Z

cve-icon NVD

No data.

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-07-08T15:15:04Z

Weaknesses
  • CWE-269

    Improper Privilege Management