Because Foxit PDF Reader and Editor are vulnerable, attackers can attack MacOS and Windows computers. In contrast, equipped versions are available for download. There are currently no reports whether attackers are already using the weak points.
Effects of attacks
As can be seen from the security area of the Foxit websitethe developers have closed several security gaps. In the worst case, malice code can get to systems and compromise them completely. This can be done via PDFs prepared with JavaScript (such as CVE 2025-55313 “high“). However, it can be assumed that victims have to play along and open a file so that an attack can be initiated.
In addition, attackers can make manipulated documents appear legitimate (CVE 2025-55311 “medium“). Furthermore, information can be left (CVE-2025-55307”low“) Or there can be crashes (CVE-2025-32451”high“).
The developers assure that they have secured the following issues against the attacks described.
MacOS/Windows:
- PDF Editor 2025.2, 13.2, 14.0
- PDF Reader 2025.2
Most recently, the developers closed security gaps in December 2024.
Discover more from Apple News
Subscribe to get the latest posts sent to your email.