CVE-2022-37373

5.5 MEDIUM

📋 TL;DR

CVE-2022-37373 is an out-of-bounds read in PDF-XChange Editor's handling of PDF content. A crafted PDF makes the Editor read memory beyond the intended buffer, and whatever lies there can be disclosed to the attacker; on its own the bug is an information-disclosure primitive, not code execution. Exploitation requires a user to open the malicious file. PDF-XChange Editor is a Windows application, so every installation of an affected version on Windows is exposed.

💻 Affected Systems

Products:
  • PDF-XChange Editor
Versions: Versions prior to 9.3.361.0
Operating Systems: Windows (PDF-XChange Editor is a Windows application; there is no native Linux or macOS build)
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of affected versions are vulnerable by default when processing PDF files.

📦 What is this software?

PDF-XChange Editor is a commercial PDF viewer and editor for Windows from Tracker Software Products. It is commonly deployed as the default PDF handler on corporate desktops, which is what makes a parsing bug in it attractive for document-based phishing.

⚠️ Risk & Real-World Impact

🔴

Worst Case

An out-of-bounds read does not give code execution by itself, but the leaked bytes (heap data, module or heap pointers) can defeat ASLR. Chained with a separate memory-corruption bug in the same parser, that becomes arbitrary code execution as the user who opened the file.

🟠

Likely Case

Disclosure of the Editor's process memory: fragments of other open documents, heap contents and addresses, which may include credentials or other sensitive material the process has handled. The leak is of whatever sits next to the overread buffer, not a chosen address, and the attacker only profits if the leaked bytes can be observed (for example rendered into the document or read back by embedded script).

🟢

If Mitigated

Limited impact where the Editor runs under least privilege and in a sandbox: the leak itself still happens inside the Editor's process, but a chained exploit has little to reach afterwards.

🌐 Internet-Facing: MEDIUM - Requires user interaction but PDF files are commonly shared via internet channels.
🏢 Internal Only: MEDIUM - Internal users could be targeted via email attachments or shared drives.

🎯 Exploit Status

Public PoC: ❌ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes (no authentication is involved; the only barrier is getting the victim to open the file)
Complexity: MEDIUM

Exploitation requires user interaction (opening the malicious PDF). The bug alone yields a memory read; turning that into code execution requires chaining it with a separate memory-corruption vulnerability.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 9.3.361.0 and later

Vendor Advisory: https://www.tracker-software.com/product/pdf-xchange-editor/history

Restart Required: Yes

Instructions:

1. Download the latest version from tracker-software.com
2. Run the installer
3. Restart the system
4. Verify that the installed version is 9.3.361.0 or higher

🔧 Temporary Workarounds

Disable PDF-XChange as default PDF handler (Windows)

Prevents PDF files from opening automatically in the vulnerable software when double-clicked or launched from a mail client or browser.

Control Panel > Default Programs > Set Default Programs > choose a different PDF viewer (on Windows 10/11: Settings > Apps > Default apps). This only removes the file association; a user can still open a malicious file from File > Open inside the Editor, so pair it with user guidance.

Use application sandboxing (all platforms)

Run PDF-XChange Editor in a restricted environment: a non-privileged account, Windows Sandbox, or a disposable VM for untrusted documents. This limits what a chained exploit can reach after code execution; it does not prevent the leak itself, since the disclosed bytes come from the Editor's own process memory.

🧯 If You Can't Patch

  • Filter inbound email for PDF attachments: detonate them in an attachment sandbox or strip them from untrusted senders. Blocking the .pdf extension outright is rarely workable, since PDF is a routine business format.
  • Point users at an alternative PDF viewer that is not affected by this vulnerability until the Editor can be updated.

🔍 How to Verify

Check if Vulnerable:

Open PDF-XChange Editor > Help > About; the installation is vulnerable if the version shown is below 9.3.361.0.

Check Version:

On Windows: reg query "HKLM\SOFTWARE\Tracker Software\PDFXEditor3" /v Version

If that key is absent on your build, read DisplayVersion from the product's entry under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (or the WOW6432Node view on 64-bit Windows with a 32-bit install), or check the file version of the Editor's executable, PDFXEdit.exe.

Verify Fix Applied:

Confirm that the version in the About dialog (or the registry/file version above) is 9.3.361.0 or higher. Because the fix ships as a new build rather than a setting, a version at or above that number is the only evidence needed.
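The manual checks above do not scale across a fleet. The following PowerShell is an added example written for this page, not vendor code: it reads the Editor's version from the Windows Uninstall registry entries (both registry views), falls back to the file version of the executable, and compares against the fixed build. The DisplayName prefix "PDF-XChange Editor", the executable name PDFXEdit.exe and the default install path are assumptions; adjust them to match your deployment.

```powershell
# Added example for this page (not vendor code): decide whether an installed
# PDF-XChange Editor is below the fixed build 9.3.361.0 (CVE-2022-37373).
# Assumptions (adjust for your deployment): the product registers an Uninstall
# entry whose DisplayName begins with "PDF-XChange Editor", and the main
# executable is PDFXEdit.exe in the default install directory below.

$FixedVersion   = [version]'9.3.361.0'
$AssumedExePath = 'C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe'

function ConvertTo-VersionOrNull {
    # Pull a 3- or 4-part version out of arbitrary text and pad missing parts
    # with 0, so "9.3.361" compares equal to "9.3.361.0" instead of below it.
    param([string]$Text)
    if ($Text -match '(\d+\.\d+(\.\d+){1,2})') {
        $v = [version]$Matches[1]
        return [version]::new($v.Major, $v.Minor, [math]::Max($v.Build, 0), [math]::Max($v.Revision, 0))
    }
    return $null
}

function Get-PdfXChangeEditorVersion {
    # Both registry views: native 64-bit and 32-bit (WOW6432Node) installs.
    $uninstallKeys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    $entry = Get-ItemProperty -Path $uninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like 'PDF-XChange Editor*' -and $_.DisplayVersion } |
        Select-Object -First 1
    if ($entry) { return ConvertTo-VersionOrNull $entry.DisplayVersion }

    # Fallback: the file version stamped on the executable (assumed path).
    if (Test-Path -LiteralPath $AssumedExePath) {
        return ConvertTo-VersionOrNull (Get-Item -LiteralPath $AssumedExePath).VersionInfo.FileVersion
    }
    return $null
}

function Test-PdfXChangeEditorVulnerable {
    # Returns a one-line verdict; pass -Installed to evaluate an inventory value
    # instead of the local machine.
    param([version]$Installed = (Get-PdfXChangeEditorVersion))
    if (-not $Installed) { return 'PDF-XChange Editor not found at the assumed locations' }
    if ($Installed -lt $FixedVersion) {
        return "VULNERABLE: installed $Installed is below $FixedVersion (CVE-2022-37373)"
    }
    return "OK: installed $Installed is at or above $FixedVersion"
}

# Live check on this host:
Test-PdfXChangeEditorVulnerable
# Dry run against a constructed version string, e.g. from an inventory export:
Test-PdfXChangeEditorVulnerable -Installed ([version]'9.3.360.0')
```

Run it under an account that can read HKLM (any interactive user can). The registry lookup is preferred over the file version because per-user or relocated installs will not be at the assumed path, and the Uninstall entry is what software inventory tools also read.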

📡 Detection & Monitoring

Log Indicators:

  • Windows Application log, source "Application Error", Event ID 1000, with "Faulting application name: PDFXEdit.exe" and exception code 0xc0000005 (access violation): this is what an out-of-bounds read looks like when it runs into an unmapped page.
  • Absence of a crash proves nothing. An overread that stays inside mapped memory discloses data without raising any exception, and the Editor does not log its memory accesses, so crash telemetry only catches the clumsy attempts.

Network Indicators:

  • PDF attachments or downloads from untrusted sources delivered to users running an affected version.
  • PDF files with unusual structure or size relative to their stated origin. Treat this as a triage hint rather than a detection: the malicious content is inside the document and is not visible at the network layer without content inspection.

SIEM Query:

source="*pdf-xchange*" AND (event="crash" OR event="exception")

The field names above are placeholders. Map them onto your Windows event collection: Application log, provider "Application Error", Event ID 1000, message containing PDFXEdit.exe, then rank by exception code 0xc0000005 and by whether the faulting application version is below 9.3.361.0.
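When the SIEM has not ingested the Application log, or you are triaging one endpoint by hand, the same logic can be run locally. The following PowerShell is an added example for this page, not vendor code: it parses the fixed "Label: value" layout of an Application Error (Event ID 1000) message, flags access violations in unpatched builds, and offers a live Get-WinEvent query over the last N days. The process name PDFXEdit.exe is an assumption, and the sample event text at the bottom is constructed for offline testing, not a real capture.

```powershell
# Added example for this page (not vendor code): triage Windows "Application
# Error" events (Application log, Event ID 1000) for PDF-XChange Editor crashes.
# Assumption: the Editor's process name is PDFXEdit.exe. An out-of-bounds read
# only produces such an event when it reaches an unmapped page (exception code
# 0xc0000005, access violation); an overread that stays within mapped memory
# leaks silently and leaves nothing here.

$FixedVersion = [version]'9.3.361.0'

function ConvertFrom-AppErrorMessage {
    # Parse the "Label: value" lines of an Event 1000 message into an object.
    param([Parameter(Mandatory)][string]$Message)
    $o = [ordered]@{ App = $null; AppVersion = $null; Module = $null; ExceptionCode = $null; Offset = $null; Path = $null }
    if ($Message -match 'Faulting application name:\s*([^,\r\n]+),\s*version:\s*([^,\r\n]+)') {
        $o.App = $Matches[1].Trim(); $o.AppVersion = $Matches[2].Trim()
    }
    if ($Message -match 'Faulting module name:\s*([^,\r\n]+)')      { $o.Module = $Matches[1].Trim() }
    if ($Message -match 'Exception code:\s*(0x[0-9A-Fa-f]+)')       { $o.ExceptionCode = $Matches[1] }
    if ($Message -match 'Fault offset:\s*(0x[0-9A-Fa-f]+)')         { $o.Offset = $Matches[1] }
    if ($Message -match 'Faulting application path:\s*([^\r\n]+)')  { $o.Path = $Matches[1].Trim() }
    return [pscustomobject]$o
}

function Get-PdfXChangeCrashFinding {
    # Turn one event message into a triage verdict; $null if it is another process.
    param(
        [Parameter(Mandatory)][string]$Message,
        [datetime]$Time = (Get-Date),
        [string]$Computer = $env:COMPUTERNAME
    )
    $f = ConvertFrom-AppErrorMessage -Message $Message
    if ($f.App -ne 'PDFXEdit.exe') { return $null }
    $ver = $null
    if ($f.AppVersion -match '(\d+\.\d+\.\d+\.\d+)') { $ver = [version]$Matches[1] }
    $unpatched = [bool]($ver -and $ver -lt $FixedVersion)
    $av        = ($f.ExceptionCode -eq '0xc0000005')   # -eq is case-insensitive
    $note = if ($unpatched -and $av) { 'unpatched Editor died on an access violation: recover the PDF it was opening' }
            elseif ($av)             { 'access violation in a patched build: investigate, but not this CVE' }
            else                     { 'non-AV exception: lower priority' }
    [pscustomobject]@{
        Time = $Time; Computer = $Computer; Version = $ver; Unpatched = $unpatched
        AccessViolation = $av; Module = $f.Module; Offset = $f.Offset; Path = $f.Path; Note = $note
    }
}

function Get-PdfXChangeCrashes {
    # Live query: Application Error events from the last $Days days on this host.
    param([int]$Days = 30)
    $filter = @{ LogName = 'Application'; ProviderName = 'Application Error'; Id = 1000
                 StartTime = (Get-Date).AddDays(-$Days) }
    Get-WinEvent -FilterHashtable $filter -ErrorAction SilentlyContinue |
        ForEach-Object { Get-PdfXChangeCrashFinding -Message $_.Message -Time $_.TimeCreated -Computer $_.MachineName } |
        Where-Object { $_ }
}

# Constructed sample event text (not a real capture) so the parser runs offline.
$sampleMessage = @'
Faulting application name: PDFXEdit.exe, version: 9.3.360.0, time stamp: 0x00000000
Faulting module name: PDFXEdit.exe, version: 9.3.360.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x0000000000000000
Faulting process id: 0x1234
Faulting application path: C:\Program Files\Tracker Software\PDF Editor\PDFXEdit.exe
'@
Get-PdfXChangeCrashFinding -Message $sampleMessage -Time ([datetime]'2022-09-01T10:00:00') | Format-List

# On a real host:
# Get-PdfXChangeCrashes -Days 30 | Format-Table Time, Computer, Version, Unpatched, AccessViolation, Module
```

The same filter expressed in Splunk terms, assuming the Windows add-on's field names, is source="WinEventLog:Application" SourceName="Application Error" EventCode=1000 "PDFXEdit.exe". Whichever tool runs it, the useful follow-up is the document that was open at crash time (recent-files list, mail attachment cache, browser downloads), since the event itself does not record it.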

🔗 References
