CVE-2024-9244

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
Updated: Nov 29, 2024
CWE ID 732

Summary

CVE-2024-9244 is a local privilege escalation vulnerability affecting the Foxit PDF Reader Update Service. This issue arises due to incorrect permission assignments on a resource utilized by the service. An attacker must initially gain the ability to execute low-privileged code on the target system to exploit this vulnerability. By leveraging this flaw, they can escalate privileges and run code with SYSTEM-level access. This vulnerability, originally identified as ZDI-CAN-23933, poses a significant risk for affected installations of Foxit PDF Reader.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share