Out-Of-Bounds Read Vulnerability in Foxit PDF Reader
CVE-2025-9329

7.8HIGH

Key Information:

Vendor: Foxit
Status: PDF Reader
Vendor: CVE Published:; 2 September 2025

What is CVE-2025-9329?

A vulnerability has been identified in Foxit PDF Reader that arises during the parsing of PRC files. This flaw enables remote attackers to trigger arbitrary code execution by exploiting insufficient validation of user-supplied data, leading to potential reads beyond the end of allocated buffers. Successful exploitation necessitates user interaction, compelling the victim to either visit a malicious webpage or open a compromised file, thus putting their system at risk.

Affected Version(s)

PDF Reader 2024.4.0.27683

References

https://www.zerodayinitiative.com/advisories/ZDI-25-863/

x_research-advisory

https://www.foxit.com/support/security-bulletins.html

vendor-advisory

CVSS V3.0

Score:

7.8

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Sep 2, 2025
Vulnerability Reserved
Aug 21, 2025