Local Privilege Escalation Vulnerability in Foxit Studio Photo Software
CVE-2020-13813

7.8HIGH

Key Information:

Vendor: Foxit
Status: Foxit Studio Photo
Vendor: CVE Published:; 4 June 2020

Summary

A vulnerability has been found in Foxit Studio Photo prior to version 3.6.6.922 that allows local users to escalate their privileges. This issue arises when the application executes a crafted DLL file located in the current working directory, potentially giving attackers unauthorized access and control over the system. Users are advised to update to the latest version to mitigate any potential risks associated with this vulnerability.

References

https://www.foxitsoftware.com/support/security-bulletins.php

x_refsource_CONFIRM

CVSS V3.1

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Jun 4, 2020
Vulnerability Reserved
Jun 4, 2020