Vulnerability Details : CVE-2023-33240
Foxit PDF Reader (12.1.1.15289 and earlier) and Foxit PDF Editor (12.1.1.15289 and all previous 12.x versions, 11.2.5.53785 and all previous 11.x versions, and 10.1.11.37866 and earlier) on Windows allows Local Privilege Escalation when installed to a non-default directory because unprivileged users have access to an executable file of a system service. This is fixed in 12.1.2.
Vulnerability category: Gain privilege
Products affected by CVE-2023-33240
- cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*
- cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
- cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
- cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2023-33240
0.04%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 6 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2023-33240
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
7.8
|
HIGH | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H |
1.8
|
5.9
|
NIST |
References for CVE-2023-33240
-
https://www.foxit.com/support/security-bulletins.html
Security Bulletins | Foxit SoftwareVendor Advisory
Jump to