CVE-2020-13813

HIGH

Foxit Studio Photo < 3.6.6.922 - Untrusted Search Path via DLL in Current Working Directory

Title source: llm

Description

An issue was discovered in Foxit Studio Photo before 3.6.6.922. It allows local users to gain privileges via a crafted DLL in the current working directory when FoxitStudioPhoto366_3.6.6.916.exe is used.

References (1)

Core 1

Core References

Vendor Advisory x_refsource_confirm

https://www.foxitsoftware.com/support/security-bulletins.php

Scores

CVSS v3 7.8

EPSS 0.0001

EPSS Percentile 3.5%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Details

CWE

CWE-426

Status published

Products (1)

foxitsoftware/foxit_studio_photo < 3.6.6.922

Published Jun 04, 2020

Tracked Since Feb 18, 2026