CVE-2024-8818
CVSS 3.1 Score 7.8 of 10 (high)
Details
Published Nov 22, 2024
Updated: Dec 4, 2024
CWE ID 416
Summary
CVE-2024-8818 is a remote code execution vulnerability affecting PDF-XChange Editor. The flaw is linked to the software's U3D file parsing process, where an object's existence isn't validated before being operated on. This allows an attacker to execute arbitrary code in the affected system's context by tricking the user into visiting a malicious webpage or opening a maliciously crafted file. The vulnerability, identified as ZDI-CAN-24213, can lead to serious security consequences if exploited successfully.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share