CVE-2024-9245

CVSS 3.1 Score 7.8 of 10 (high)

Details

Published Nov 22, 2024
Updated: Nov 29, 2024
CWE ID 732

Summary

CVE-2024-9245 is a local privilege escalation vulnerability affecting the Foxit PDF Reader Update Service. This issue arises due to incorrect permission assignment on a resource utilized by the service. For an attacker to exploit this vulnerability, they must initially gain the ability to execute low-privileged code on the target system. Successful exploitation allows the attacker to escalate privileges and execute code in the context of the SYSTEM account. This vulnerability, originally identified as ZDI-CAN-23966, was reported to Foxit and addressed through an update.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share