CVE-2025-55310

HIGH

Foxit PDF & Editor <13.2-2025.2 - Info Disclosure

Title source: llm

Description

An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. An attacker able to alter or replace the static HTML files used by the StartPage feature can cause the application to load malicious or compromised content upon startup. This may result in information disclosure, unauthorized data access, or other security impacts.

References (1)

[Vendor Advisory] https://www.foxit.com/support/security-bulletins.html

Scores

CVSS v3 7.3

EPSS 0.0001

EPSS Percentile 0.4%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-494

Status published

Products (4)

foxit/pdf_editor 2025.1.0.66692

foxit/pdf_editor 2025.1.0.27937

foxit/pdf_editor < 13.1.7.63027

foxit/pdf_reader < 2025.1.0.66692

Published Dec 11, 2025

Tracked Since Feb 18, 2026