12.19.2022

Critical Foxit PhantomPDF Vulnerability

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 12/19/2022

Action Level - Critical

Description

MCNC would like to make you aware of a CRITICAL vulnerability affecting Foxit PDF software on Windows OS. Currently there is no associated CVE. While there is no indication that this is actively being used in the wild, please consider prioritization of upgrading instances of Foxit in your environment.

Affected versions:

  • Foxit PDF Reader (previously named Foxit Reader)
    • 12.0.2.12465 and earlier
    • Windows
  • Foxit PDF Editor (previously named Foxit PhantomPDF)
    • 12.0.2.12465 and all previous 12.x versions, 11.2.3.53593 and all previous 11.x versions, 10.1.9.37808 and earlier
    • Windows

As a CrowdStrike customer you can log into your portal and search for the presence by: click hamburger menu on upper left corner > Discover > Applications > Installed Applications Search. From here apply the following filters: Application: *Foxit*, OS: Windows. Run this search to get results for your Windows devices running ANY version of Foxit PhantomPDF, export to a CSV by hovering over the bottom left hand corner once loading is complete. NOTE: the search will return results for ALL Foxit software, this is because both the viewer and editor are vulnerable and may each have their previous names, ensure any Foxit PDF related software is fully patched.

While CrowdStrike is designed to prevent against such vulnerabilities and exploits it is always a good idea to ensure your software is patched and reduce the number of options bad actors have to exploit a given system.

If you have any questions please email secops@mcnc.org and we will assist you in understanding the impact in your environment.

Helpful Links:

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC