CVE-2023-38085

5.5 MEDIUM

📋 TL;DR

This vulnerability in Kofax Power PDF allows attackers to read memory beyond allocated bounds when parsing malicious JP2 files, potentially disclosing sensitive information. Users who open malicious PDF files or visit malicious web pages are affected. Attackers could combine this with other vulnerabilities to execute arbitrary code.

💻 Affected Systems

Products:
  • Kofax Power PDF
Versions: Specific versions not specified in provided references, but likely multiple versions prior to patch
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: All installations that process JP2 files are vulnerable by default. User interaction required (opening malicious file).

⚠️ Risk & Real-World Impact

🔴 Worst Case

Arbitrary code execution in the context of the current user process, leading to full system compromise if combined with privilege escalation vulnerabilities.

🟠 Likely Case

Information disclosure through memory reads, potentially exposing sensitive data like passwords, keys, or other application memory contents.

🟢 If Mitigated

Limited impact with proper application sandboxing and memory protection controls in place.

🌐 Internet-Facing: MEDIUM - Requires user interaction but malicious files could be delivered via web, email, or downloads.
🏢 Internal Only: MEDIUM - Similar risk internally if users open malicious files from internal sources.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious file. Information disclosure could be combined with other vulnerabilities for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not specified in provided references

Vendor Advisory: https://www.zerodayinitiative.com/advisories/ZDI-23-924/

Restart Required: Yes

Instructions:

1. Check Kofax Power PDF version
2. Update to latest version from official Kofax website
3. Restart application and system if required

🔧 Temporary Workarounds

Disable JP2 file processing (Windows)

Configure Power PDF to not process JP2 files or block JP2 file extensions

Application sandboxing (Windows)

Run Power PDF in restricted mode or sandboxed environment

🧯 If You Can't Patch

  • Implement application whitelisting to prevent unauthorized Power PDF execution
  • Use email/web filtering to block JP2 files and educate users about suspicious attachments
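
Blocking by file extension misses JP2 data that has been renamed or embedded in a PDF, so a mail or web filter should check content instead. The following is an added example, not code from the advisory or from Kofax; the function names are hypothetical and the sample bytes are constructed.

```python
import re
from typing import Optional

# JP2 container: the 12-byte signature box that opens every .jp2 file.
JP2_SIGNATURE = bytes.fromhex("0000000c6a5020200d0a870a")
# Raw JPEG 2000 codestream: SOC marker followed by SIZ marker.
J2K_CODESTREAM = bytes.fromhex("ff4fff51")
# PDF stream filter name used for JPEG 2000 image data.
PDF_JPX_NAME = b"JPXDecode"
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")


def _decode_pdf_names(data: bytes) -> bytes:
    """Undo #xx escapes, which PDF permits inside names (/JPX#44ecode)."""
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def classify_jpeg2000(data: bytes) -> Optional[str]:
    """Return why the content counts as JPEG 2000, or None if nothing matched."""
    if data.startswith(JP2_SIGNATURE):
        return "jp2-container"
    if data.startswith(J2K_CODESTREAM):
        return "j2k-codestream"
    # Lenient readers accept leading bytes before %PDF-, so search a prefix.
    if b"%PDF-" in data[:1024]:
        if PDF_JPX_NAME in _decode_pdf_names(data):
            return "pdf-with-jpx-stream"
        if JP2_SIGNATURE in data or J2K_CODESTREAM in data:
            return "pdf-with-embedded-jp2-bytes"
    return None


# Constructed samples (not real files): only the bytes the checks inspect.
SAMPLES = {
    "photo.jp2": JP2_SIGNATURE + b"\x00\x00\x00\x14ftypjp2 ",
    "renamed.png": J2K_CODESTREAM + b"\x00\x29",
    "invoice.pdf": b"%PDF-1.7\n1 0 obj\n<< /Subtype /Image /Filter /JPX#44ecode >>\nstream\n",
    "plain.pdf": b"%PDF-1.7\n1 0 obj\n<< /Type /Catalog >>\nendobj\n",
}


def scan(samples):
    """Map each sample name to its verdict, ignoring the file extension."""
    return {name: classify_jpeg2000(data) for name, data in samples.items()}


if __name__ == "__main__":
    for name, verdict in scan(SAMPLES).items():
        print(f"{name}: {verdict or 'no JPEG 2000 content found'}")
```

This is a first-pass check: image dictionaries stored inside compressed PDF object streams are not visible until those streams are inflated, so a PDF that returns None is not proven free of JPEG 2000 data.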

🔍 How to Verify

Check if Vulnerable:

Check Power PDF version against patched versions in vendor advisory

Check Version:

Open Power PDF → Help → About to check version

Verify Fix Applied:

Verify Power PDF version is updated to patched version and test with known safe JP2 files

📡 Detection & Monitoring

Log Indicators:

  • Application crashes when processing JP2 files
  • Unusual memory access patterns in application logs

Network Indicators:

  • Downloads of JP2 files from untrusted sources
  • Network traffic spikes during file processing

SIEM Query:

EventID for application crashes OR file extension contains '.jp2' AND process contains 'PowerPDF'
