CVE-2025-55310

Summary

CVE-2025-55310 is a high-severity vulnerability affecting Foxit PDF Reader and Editor. An attacker who can modify the static HTML files used by the StartPage feature can inject malicious content, potentially leading to information disclosure or unauthorized data access.

Technical Details

This vulnerability arises from insufficient validation of the static HTML files used by the StartPage feature in Foxit PDF Reader and Editor. The StartPage feature renders HTML content when the application starts. If an attacker gains the ability to alter or replace these HTML files (e.g., through local file access or another vulnerability), they can inject arbitrary HTML and JavaScript. The injected code executes in the application's context, which could allow the attacker to steal sensitive information, execute arbitrary commands, or redirect the user to malicious websites. The root cause is that the application trusts these static files without verifying their integrity.

Affected Products and Versions

  • Foxit PDF Editor before 13.2 (Windows and macOS)
  • Foxit PDF Editor 2025 before 2025.2 (Windows and macOS)
  • Foxit PDF Reader before 13.2 (Windows and macOS)
  • Foxit PDF Reader 2025 before 2025.2 (Windows and macOS)

Impact Assessment

Successful exploitation of CVE-2025-55310 can have significant consequences.

  • Information Disclosure: An attacker could steal sensitive information displayed within the PDF reader or editor, such as document metadata or user credentials stored by the application.
  • Unauthorized Data Access: The injected code could potentially access local files or network resources, depending on the application's permissions and the attacker's capabilities.
  • Remote Code Execution (Potential): While not explicitly stated, if the injected code can interact with other parts of the application or the operating system, remote code execution might be possible.
  • Phishing: The attacker could redirect the user to a fake login page or other phishing site to steal credentials.

Remediation

Immediate Actions

  • Upgrade: Upgrade to Foxit PDF Reader and Editor version 13.2 or later, or version 2025.2 or later.
  • Verify File Integrity: If possible, verify the integrity of the static HTML files used by the StartPage feature to ensure they haven't been tampered with.

Long-term Solutions

  • Apply Patches: Ensure that all systems running affected versions of Foxit PDF Reader and Editor are patched with the latest security updates.
  • Implement File Integrity Monitoring: Consider implementing file integrity monitoring to detect unauthorized changes to critical application files.

Detection & Scanning

Detecting CVE-2025-55310 typically involves checking the version of Foxit PDF Reader and Editor installed on systems. Additionally, monitoring file integrity for the StartPage HTML files can help identify potential compromises.
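The two checks described in the Remediation and Detection sections (version comparison against the fixed releases, and integrity monitoring of the StartPage HTML files) can be scripted together. The following is an added example written for this page; it is not Foxit's code or tooling. The StartPage directory location is an assumption (a placeholder, overridable via the `FOXIT_STARTPAGE_DIR` environment variable), the file extensions monitored are a guess at what a StartPage bundle contains, and the `demo()` scenario uses constructed files in a temporary directory.

```python
"""Version check and file-integrity baseline/verify for Foxit StartPage files.

Added example for CVE-2025-55310 (not Foxit's code). Fixed versions (13.2 and
2025.2) come from the advisory; everything else here is an assumption.
"""
import hashlib
import os
import re
import tempfile
from pathlib import Path

# Fixed releases named in the advisory.
FIXED_13 = (13, 2)
FIXED_2025 = (2025, 2)

# ASSUMPTION: placeholder path. Point this at the real StartPage directory
# of your installation (it differs between Windows and macOS builds).
STARTPAGE_DIR = Path(os.environ.get("FOXIT_STARTPAGE_DIR", "PLACEHOLDER/Foxit/StartPage"))

# ASSUMPTION: file types that make up a StartPage bundle.
MONITORED_SUFFIXES = (".html", ".htm", ".js", ".css")


def parse_version(text):
    """Turn '13.1.0.22345' or '2025.1' into a tuple of ints for comparison."""
    parts = re.findall(r"\d+", text)
    if not parts:
        raise ValueError(f"no version number found in {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version):
    """True if the version falls in one of the affected ranges from the advisory:
    13.x before 13.2, or 2025.x before 2025.2. Other lines are not listed and
    are treated as not affected."""
    v = parse_version(version)
    if v[0] == 2025:
        return v < FIXED_2025
    return v < FIXED_13


def sha256_file(path):
    """Stream a file through SHA-256 and return the hex digest."""
    h = hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def build_baseline(directory):
    """Map each monitored file (relative, '/'-separated path) to its SHA-256.
    Run this once on a known-good installation and store the result."""
    directory = Path(directory)
    baseline = {}
    for p in sorted(directory.rglob("*")):
        if p.is_file() and p.suffix.lower() in MONITORED_SUFFIXES:
            rel = str(p.relative_to(directory)).replace(os.sep, "/")
            baseline[rel] = sha256_file(p)
    return baseline


def verify(directory, baseline):
    """Compare the directory against a stored baseline. Any modified or added
    file under the StartPage directory is a candidate for tampering."""
    current = build_baseline(directory)
    return {
        "modified": sorted(k for k in baseline if k in current and current[k] != baseline[k]),
        "added": sorted(k for k in current if k not in baseline),
        "missing": sorted(k for k in baseline if k not in current),
    }


def demo():
    """Constructed scenario: baseline two clean files, then alter one (a script
    element appended) and drop an extra file in. Returns the verify() report."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "index.html").write_text("<html><body>Welcome</body></html>", encoding="utf-8")
        (root / "style.css").write_text("body { margin: 0 }", encoding="utf-8")
        baseline = build_baseline(root)
        # Simulated tampering (constructed, harmless content).
        (root / "index.html").write_text(
            "<html><body>Welcome<script>/* unexpected script */</script></body></html>",
            encoding="utf-8",
        )
        (root / "extra.js").write_text("// unexpected file", encoding="utf-8")
        return verify(root, baseline)


if __name__ == "__main__":
    for ver in ("13.1.0.22345", "13.2", "2025.1", "2025.2"):
        print(f"{ver}: {'AFFECTED' if is_affected(ver) else 'fixed'}")
    print("demo report:", demo())
    if STARTPAGE_DIR.is_dir():
        print("live baseline:", build_baseline(STARTPAGE_DIR))
```

In practice, store the output of `build_baseline()` alongside the installer hash at deployment time and run `verify()` on a schedule or from your FIM agent; a non-empty `modified` or `added` list for the StartPage directory is the signal the Detection section describes, and should be triaged before the application is next launched.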
