Privilege Escalation Vulnerability in Foxit PDF Reader
CVE-2026-57239

8.2HIGH

Key Information:

Vendor

Foxit Inc.

Vendor
CVE Published:
8 July 2026

What is CVE-2026-57239?

A privilege escalation vulnerability exists in Foxit PDF Reader wherein user-controllable executable files can be executed by high-privilege processes. This flaw enables low-privilege users to elevate their privileges to that of NT AUTHORITY\SYSTEM, potentially allowing unauthorized access and control over system resources. Users are advised to update their software to mitigate this risk.

Affected Version(s)

Foxit PDF Editor Windows Versions 2026.1.1 and earlier

Foxit PDF Editor Windows Versions 14.0.4 and earlier

Foxit PDF Editor Windows Versions 13.2.4 and earlier

References

CVSS V3.1

Score:
8.2
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

Credit

Luke Paris (@Paradoxis)
.