CVE-2025-55310
BaseFortify
Publication date: 2025-12-11
Last updated on: 2025-12-18
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| foxit | pdf_editor | to 13.1.7.63027 (inc) |
| foxit | pdf_editor | From 2023.1.0.55583 (inc) to 2023.3.0.63083 (inc) |
| foxit | pdf_editor | From 2024.1.0.63682 (inc) to 2024.4.1.66479 (inc) |
| foxit | pdf_editor | 2025.1.0.66692 |
| foxit | pdf_reader | to 2025.1.0.66692 (inc) |
| apple | macos | * |
| foxit | pdf_editor | to 13.1.7.23637 (inc) |
| foxit | pdf_editor | From 2023.1.0.15510 (inc) to 2023.3.0.23028 (inc) |
| foxit | pdf_editor | From 2024.1.0.23997 (inc) to 2024.4.1.27687 (inc) |
| foxit | pdf_editor | 2025.1.0.27937 |
| foxit | pdf_reader | to 2025.1.0.27937 (inc) |
| microsoft | windows | * |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-494 | The product downloads source code or an executable from a remote location and executes the code without sufficiently verifying the origin and integrity of the code. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability exists in Foxit PDF and Editor for Windows and macOS before versions 13.2 and 2025 before 2025.2. An attacker who can alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content when it starts up.
How can this vulnerability impact me? :
The vulnerability may lead to information disclosure, unauthorized data access, or other security impacts by causing the application to load malicious content at startup.
What immediate steps should I take to mitigate this vulnerability?
To mitigate this vulnerability, ensure that the static HTML files used by the StartPage feature in Foxit PDF and Editor are not altered or replaced by unauthorized users. Restrict write permissions to these files and verify their integrity regularly. Additionally, update Foxit PDF and Editor to version 13.2 or later (for Windows and macOS) or 2025.2 or later to apply the fix.
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?:
The vulnerability may lead to information disclosure and unauthorized data access, which could impact compliance with standards and regulations such as GDPR and HIPAA that require protection of sensitive data. However, specific effects on compliance are not detailed in the provided resources.