CVE-2023-37353

5.5 MEDIUM

📋 TL;DR

This vulnerability in Kofax Power PDF allows remote attackers to disclose sensitive information by tricking users into opening malicious JPG files. The flaw exists in JPG file parsing where improper data validation enables reading beyond allocated memory boundaries. Affected users include anyone using vulnerable versions of Kofax Power PDF who opens untrusted JPG files.

💻 Affected Systems

Products:
  • Kofax Power PDF
Versions: Specific versions not specified in provided references, but likely multiple versions prior to patch
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: User interaction required - victim must open malicious JPG file or visit malicious webpage

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could combine this information disclosure vulnerability with other exploits to achieve arbitrary code execution in the context of the current user process, potentially leading to full system compromise.

🟠 Likely Case

Attackers can read sensitive information from memory, potentially exposing credentials, session tokens, or other confidential data that could be used for further attacks.

🟢 If Mitigated

With proper controls, the impact is limited to potential information disclosure without code execution, though sensitive data could still be exposed.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Requires user interaction (opening malicious file) and likely needs to be combined with other vulnerabilities for code execution

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in provided references

Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-23-948/

Restart Required: Yes

Instructions:

1. Check Kofax Power PDF version
2. Visit Kofax support portal for latest updates
3. Download and install latest security update
4. Restart system if prompted

🔧 Temporary Workarounds

Restrict JPG file handling (Windows)

Configure system to open JPG files with alternative applications instead of Kofax Power PDF

User awareness training (all platforms)

Educate users not to open JPG files from untrusted sources

🧯 If You Can't Patch

  • Implement application whitelisting to block execution of Kofax Power PDF
  • Use network segmentation to isolate systems running vulnerable software

🔍 How to Verify

Check if Vulnerable:

Check Kofax Power PDF version against latest security bulletin from Kofax

Check Version:

Open Kofax Power PDF → Help → About to view version

Verify Fix Applied:

Verify installed version matches or exceeds patched version specified in vendor advisory

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing JPG files
  • Unusual memory access patterns in application logs

Network Indicators:

  • Downloads of JPG files from suspicious sources
  • Outbound connections following JPG file processing

SIEM Query:

Process execution of PowerPDF.exe followed by network connections or file access anomalies
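
The correlation described under SIEM Query, written out as an added example (not from the advisory or the vendor): it flags a PowerPDF.exe process that was started on a JPG file and then makes a network connection within a time window. The event field names, the 60-second window, the install path and the sample events are assumptions constructed for illustration, not a real log schema.

```python
import re
from datetime import datetime, timedelta

# Constructed sample events; field names and paths are hypothetical placeholders.
EVENTS = [
    {"ts": "2023-07-10T09:00:00", "host": "ws1", "type": "process_start", "pid": 4120,
     "image": r"C:\placeholder\PowerPDF.exe",
     "cmdline": r'PowerPDF.exe "C:\Users\a\Downloads\invoice.jpg"'},
    {"ts": "2023-07-10T09:00:12", "host": "ws1", "type": "net_connect", "pid": 4120,
     "dest": "203.0.113.7:443"},
    # Same binary opening a PDF: outside the scope of this rule.
    {"ts": "2023-07-10T09:05:00", "host": "ws2", "type": "process_start", "pid": 5100,
     "image": r"C:\placeholder\PowerPDF.exe",
     "cmdline": r'PowerPDF.exe "C:\Users\b\report.pdf"'},
    {"ts": "2023-07-10T09:05:05", "host": "ws2", "type": "net_connect", "pid": 5100,
     "dest": "198.51.100.9:443"},
    # JPG opened, but the connection falls outside the correlation window.
    {"ts": "2023-07-10T10:00:00", "host": "ws3", "type": "process_start", "pid": 6200,
     "image": r"C:\placeholder\PowerPDF.exe",
     "cmdline": r'PowerPDF.exe "C:\Users\c\photo.JPEG"'},
    {"ts": "2023-07-10T10:30:00", "host": "ws3", "type": "net_connect", "pid": 6200,
     "dest": "192.0.2.44:80"},
]

JPG_ARG = re.compile(r"\.jpe?g\b", re.IGNORECASE)

def correlate(events, window_s=60):
    """Return alerts for PowerPDF.exe JPG opens followed by a network connection."""
    window = timedelta(seconds=window_s)
    opened = {}   # (host, pid) -> (process start time, command line)
    alerts = []
    for ev in sorted(events, key=lambda e: e["ts"]):
        ts = datetime.fromisoformat(ev["ts"])
        key = (ev["host"], ev["pid"])
        if ev["type"] == "process_start":
            is_pdf = ev["image"].lower().endswith("\\powerpdf.exe")
            if is_pdf and JPG_ARG.search(ev["cmdline"]):
                opened[key] = (ts, ev["cmdline"])
            else:
                opened.pop(key, None)   # pid reused by an unrelated process
        elif ev["type"] == "net_connect" and key in opened:
            start, cmdline = opened[key]
            if ts - start <= window:
                alerts.append({"host": ev["host"], "pid": ev["pid"],
                               "dest": ev["dest"], "cmdline": cmdline,
                               "delay_s": int((ts - start).total_seconds())})
    return alerts

if __name__ == "__main__":
    for alert in correlate(EVENTS):
        print(alert)
```

Keying on host and process ID keeps connections from other processes out of the result; tune the window to the environment before alerting on it.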
