CVE-2023-37337

7.8 HIGH

📋 TL;DR

This vulnerability allows remote attackers to execute arbitrary code by tricking users into opening malicious JP2 image files in Kofax Power PDF. Attackers can exploit improper bounds checking during JP2 file parsing to write beyond allocated memory boundaries and gain code execution. All users of affected Kofax Power PDF versions are vulnerable.

💻 Affected Systems

Products:
  • Kofax Power PDF
Versions: Versions prior to the patched release (specific version numbers not provided in available references)
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All default installations with JP2 file support enabled are vulnerable. User interaction required (opening malicious file).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete system compromise with attacker gaining the same privileges as the PDF viewer process, potentially leading to lateral movement, data exfiltration, or ransomware deployment.

🟠 Likely Case

Local privilege escalation leading to user account compromise, data theft, or malware installation on the affected system.

🟢 If Mitigated

Application crash (denial of service) if memory corruption occurs but code execution fails.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires user interaction (opening malicious file). The vulnerability is in JP2 file parsing specifically.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in available references - check Kofax advisory for exact version

Vendor Advisory: https://docshield.kofax.com/PowerPDF/en_US/4.0.0-4.0.1/wwhelp/wwhimpl/js/html/wwhelp.htm#href=ReleaseNotes.04.01.html

Restart Required: Yes

Instructions:

1. Check current Power PDF version
2. Download latest version from Kofax website
3. Install update
4. Restart system

🔧 Temporary Workarounds

Disable JP2 file association (Windows)

Remove JP2 file type association with Kofax Power PDF to prevent automatic opening:

Control Panel > Default Programs > Associate a file type or protocol with a program > Remove .jp2 association with Power PDF

Block JP2 files at perimeter (all platforms)

Configure email/web gateways to block JP2 file attachments
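
A gateway rule keyed only on the .jp2 extension misses renamed files, so the following added example (not Kofax or gateway-vendor code) classifies an attachment by its leading bytes and also looks inside ZIP archives. The function names, the extension list beyond .jp2, the depth and size limits, and the sample bytes are assumptions made for illustration.

```python
import io
import zipfile

# JP2 container: fixed 12-byte signature box at offset 0 (ISO/IEC 15444-1).
JP2_SIGNATURE = bytes.fromhex("0000000c6a5020200d0a870a")
# Raw JPEG 2000 codestream: SOC marker immediately followed by SIZ marker.
J2K_CODESTREAM = bytes.fromhex("ff4fff51")
ZIP_MAGIC = b"PK\x03\x04"
# JPEG 2000 family extensions; only .jp2 is named on this page (assumed list).
J2K_EXTENSIONS = (".jp2", ".j2k", ".j2c", ".jpf", ".jpx")
MAX_DEPTH = 2                   # assumed policy: nested-archive depth inspected
MAX_MEMBER = 16 * 1024 * 1024   # assumed policy: max declared bytes per member

# Constructed samples (not real files): magic bytes followed by padding.
SAMPLE_JP2 = JP2_SIGNATURE + b"\x00" * 16
SAMPLE_PNG = b"\x89PNG\r\n\x1a\n" + b"\x00" * 16


def is_jpeg2000(data: bytes) -> bool:
    """True if content starts with a JP2 signature box or a raw codestream."""
    return data.startswith(JP2_SIGNATURE) or data.startswith(J2K_CODESTREAM)


def verdict(filename: str, data: bytes, depth: int = 0) -> str:
    """Return 'block' or 'allow' for one attachment, judging content first."""
    if is_jpeg2000(data):
        return "block"  # catches renamed files such as invoice.png
    if filename.lower().endswith(J2K_EXTENSIONS):
        return "block"  # extension match even when the content is unrecognized
    if data.startswith(ZIP_MAGIC):
        if depth >= MAX_DEPTH:
            return "block"  # fail closed: nested too deeply to inspect
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                for info in zf.infolist():
                    if info.flag_bits & 0x1 or info.file_size > MAX_MEMBER:
                        return "block"  # encrypted or oversized: not inspectable
                    if verdict(info.filename, zf.read(info), depth + 1) == "block":
                        return "block"
        except (zipfile.BadZipFile, NotImplementedError, RuntimeError):
            return "block"  # malformed or unsupported archive: fail closed
    return "allow"
```
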

🧯 If You Can't Patch

  • Implement application whitelisting to prevent unauthorized PDF viewers
  • Use sandboxed environments for opening untrusted PDF files

🔍 How to Verify

Check if Vulnerable:

Check Power PDF version against Kofax security advisory. Versions prior to the patched release are vulnerable.

Check Version:

Open Power PDF > Help > About Power PDF

Verify Fix Applied:

Verify Power PDF version matches or exceeds the patched version specified in Kofax advisory.

📡 Detection & Monitoring

Log Indicators:

  • Power PDF crash logs with memory access violations
  • Unexpected process creation from PDF viewer

Network Indicators:

  • Downloads of JP2 files from untrusted sources
  • Outbound connections from PDF viewer process

SIEM Query:

Process Creation where Parent Process contains 'PowerPDF' AND Command Line contains '.jp2'
