CVE-2024-29072 (GCVE-0-2024-29072)
Vulnerability from cvelistv5 – Published: 2024-05-28 13:52 – Updated: 2025-02-13 17:47
VLAI?
Summary
A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.
Severity ?
8.2 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Foxit | Foxit Reader |
Affected:
2024.2.0.25138
|
Credits
Discovered by KPC of Cisco Talos.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "foxit_reader",
"vendor": "foxitsoftware",
"versions": [
{
"status": "affected",
"version": "2024.2.0.25138"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-29072",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-28T15:36:04.553956Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:58:07.938Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-02T01:03:51.701Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989",
"tags": [
"x_transferred"
],
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Foxit Reader",
"vendor": "Foxit",
"versions": [
{
"status": "affected",
"version": "2024.2.0.25138"
}
]
}
],
"credits": [
{
"lang": "en",
"value": "Discovered by KPC of Cisco Talos."
}
],
"descriptions": [
{
"lang": "en",
"value": "A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-06-10T17:11:27.035Z",
"orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"shortName": "talos"
},
"references": [
{
"name": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989",
"url": "https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989"
},
{
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
"assignerShortName": "talos",
"cveId": "CVE-2024-29072",
"datePublished": "2024-05-28T13:52:58.113Z",
"dateReserved": "2024-05-03T19:29:27.157Z",
"dateUpdated": "2025-02-13T17:47:36.385Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"fkie_nvd": {
"descriptions": "[{\"lang\": \"en\", \"value\": \"A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.\"}, {\"lang\": \"es\", \"value\": \"Existe una vulnerabilidad de escalada de privilegios en Foxit Reader 2024.2.0.25138. La vulnerabilidad se produce debido a una validaci\\u00f3n de certificaci\\u00f3n inadecuada del ejecutable del actualizador antes de ejecutarlo. Un usuario con privilegios bajos puede desencadenar la acci\\u00f3n de actualizaci\\u00f3n, lo que puede resultar en una elevaci\\u00f3n inesperada de privilegios.\"}]",
"id": "CVE-2024-29072",
"lastModified": "2024-11-21T09:07:29.887",
"metrics": "{\"cvssMetricV31\": [{\"source\": \"talos-cna@cisco.com\", \"type\": \"Secondary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 1.5, \"impactScore\": 6.0}]}",
"published": "2024-05-28T14:15:12.493",
"references": "[{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\", \"source\": \"talos-cna@cisco.com\"}, {\"url\": \"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989\", \"source\": \"talos-cna@cisco.com\"}, {\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}, {\"url\": \"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\"}]",
"sourceIdentifier": "talos-cna@cisco.com",
"vulnStatus": "Awaiting Analysis",
"weaknesses": "[{\"source\": \"talos-cna@cisco.com\", \"type\": \"Secondary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-295\"}]}]"
},
"nvd": "{\"cve\":{\"id\":\"CVE-2024-29072\",\"sourceIdentifier\":\"talos-cna@cisco.com\",\"published\":\"2024-05-28T14:15:12.493\",\"lastModified\":\"2025-08-22T16:03:32.227\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.\"},{\"lang\":\"es\",\"value\":\"Existe una vulnerabilidad de escalada de privilegios en Foxit Reader 2024.2.0.25138. La vulnerabilidad se produce debido a una validaci\u00f3n de certificaci\u00f3n inadecuada del ejecutable del actualizador antes de ejecutarlo. Un usuario con privilegios bajos puede desencadenar la acci\u00f3n de actualizaci\u00f3n, lo que puede resultar en una elevaci\u00f3n inesperada de privilegios.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H\",\"baseScore\":8.2,\"baseSeverity\":\"HIGH\",\"attackVector\":\"LOCAL\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"REQUIRED\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":1.5,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"talos-cna@cisco.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-295\"}]}],\"configurations\":[{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"11.2.9.53938\",\"matchCriteriaId\":\"310F9865-EAB7-4537-B205-CE25418D5A3B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"12.0.0\",\"versionEndIncluding\":\"12.1.6.15509\",\"matchCriteriaId\":\"D3F78536-999B-4FAA-9F7D-C35621384E87\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"13.0.0\",\"versionEndIncluding\":\"13.1.1.22432\",\"matchCriteriaId\":\"BED878DD-2908-49CE-8248-1A950D9F750D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2023.1.0.15510\",\"versionEndIncluding\":\"2023.3.0.23028\",\"matchCriteriaId\":\"0C75FEE6-54F3-49C6-BAEA-A09D23BE5D64\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_editor:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"2024.1.0.23997\",\"versionEndIncluding\":\"2024.2.1.25153\",\"matchCriteriaId\":\"CEE05FE1-67A3-4AE1-B49B-3C497E7D944B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:foxit:pdf_reader:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"2024.2.1.25153\",\"matchCriteriaId\":\"525AF74D-C7F7-466E-9501-60B489C7803F\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A2572D17-1DE6-457B-99CC-64AFD54487EA\"}]}]}],\"references\":[{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989\",\"source\":\"talos-cna@cisco.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"vendor\": \"Foxit\", \"product\": \"Foxit Reader\", \"versions\": [{\"version\": \"2024.2.0.25138\", \"status\": \"affected\"}]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A privilege escalation vulnerability exists in the Foxit Reader 2024.2.0.25138. The vulnerability occurs due to improper certification validation of the updater executable before executing it. A low privilege user can trigger the update action which can result in unexpected elevation of privilege.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"description\": \"CWE-295: Improper Certificate Validation\", \"type\": \"CWE\", \"cweId\": \"CWE-295\"}]}], \"metrics\": [{\"cvssV3_1\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H\", \"attackVector\": \"LOCAL\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"LOW\", \"userInteraction\": \"REQUIRED\", \"scope\": \"CHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\", \"baseScore\": 8.2, \"baseSeverity\": \"HIGH\"}}], \"providerMetadata\": {\"orgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"shortName\": \"talos\", \"dateUpdated\": \"2024-05-28T13:52:58.113Z\"}, \"references\": [{\"url\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\", \"name\": \"https://talosintelligence.com/vulnerability_reports/TALOS-2024-1989\"}, {\"url\": \"https://www.talosintelligence.com/vulnerability_reports/TALOS-2024-1989\"}], \"credits\": [{\"lang\": \"en\", \"value\": \"Discovered by KPC of Cisco Talos.\"}]}, \"adp\": [{\"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-29072\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-05-28T15:36:04.553956Z\"}}}], \"affected\": [{\"cpes\": [\"cpe:2.3:a:foxitsoftware:foxit_reader:*:*:*:*:*:*:*:*\"], \"vendor\": \"foxitsoftware\", \"product\": \"foxit_reader\", \"versions\": [{\"status\": \"affected\", \"version\": \"2024.2.0.25138\"}], \"defaultStatus\": \"unknown\"}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2024-05-28T15:37:43.611Z\"}, \"title\": \"CISA ADP Vulnrichment\"}]}",
"cveMetadata": "{\"cveId\": \"CVE-2024-29072\", \"assignerOrgId\": \"b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"talos\", \"dateReserved\": \"2024-05-03T19:29:27.157Z\", \"datePublished\": \"2024-05-28T13:52:58.113Z\", \"dateUpdated\": \"2024-05-28T13:52:58.113Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…