Memory Corruption Vulnerability in Foxit Reader by Foxit Software
CVE-2025-32451

8.8HIGH

Key Information:

Vendor: Foxit
Status: Foxit
Vendor: CVE Published:; 13 August 2025

What is CVE-2025-32451?

A memory corruption vulnerability has been identified in Foxit Reader. This issue arises from the use of an uninitialized pointer, allowing attackers to execute arbitrary code. An attacker can exploit this vulnerability by embedding specially crafted JavaScript within a malicious PDF document. Users who open such documents are at risk, especially if they have the browser plugin enabled and visit a malicious website. It is imperative for users to remain vigilant and update their software to mitigate potential risks.

Affected Version(s)

Foxit Reader 2025.1.0.27937

References

https://talosintelligence.com/vulnerability_reports/TALOS...

CVSS V3.1

Score:

8.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 13, 2025
Vulnerability Reserved
May 23, 2025

Credit

Discovered by KPC of Cisco Talos.

JSON