Foxit PDF Reader Update Service Incorrect Permission Assignment Local Privilege Escalation Vulnerability
CVE-2024-9244
7.8HIGH
What is CVE-2024-9244?
The Foxit PDF Reader Update Service contains a vulnerability stemming from incorrect permission assignments in its configuration files. Local attackers with the capability to execute low-privileged code can exploit this flaw to escalate their privileges, allowing them to execute malicious code with elevated rights in the context of the SYSTEM account. This issue emphasizes the importance of proper permission settings on files used by system services.
Affected Version(s)
PDF Reader 2024.1.0.23997