CVE-2024-30335

7.1 HIGH

📋 TL;DR

This vulnerability in Foxit PDF Reader allows attackers to read memory beyond allocated buffers when processing malicious PDF files with AcroForm annotations. It can disclose sensitive information and potentially be combined with other exploits for code execution. Users who open untrusted PDF files with affected Foxit Reader versions are at risk.

💻 Affected Systems

Products:
  • Foxit PDF Reader
Versions: The advisory does not list specific affected versions; multiple recent versions prior to the patched release are likely affected.
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Requires user interaction to open malicious PDF file. All default configurations are vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the context of the current user, potentially resulting in full system compromise.

🟠

Likely Case

Sensitive memory contents disclosure including passwords, keys, or other application data, enabling further attacks.

🟢

If Mitigated

Limited impact with proper sandboxing and memory protections, though information disclosure still possible.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction to open malicious file. Exploit likely requires combining with other vulnerabilities for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Foxit security bulletins for specific patched version

Vendor Advisory: https://www.foxit.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Visit Foxit security bulletins page
2. Download latest version of Foxit PDF Reader
3. Install update
4. Restart system

🔧 Temporary Workarounds

Disable PDF opening in Foxit Reader

Platform: Windows

Change default PDF handler to alternative PDF reader

Windows: Settings > Apps > Default apps > Choose default apps by file type > Select .pdf > Choose alternative PDF reader

Enable Protected View

Platform: Windows

Configure Foxit Reader to open untrusted PDFs in protected mode

Foxit Reader: File > Preferences > Trust Manager > Enable Safe Reading Mode

🧯 If You Can't Patch

  • Use alternative PDF reader software
  • Block PDF downloads from untrusted sources via web proxy or email filtering

🔍 How to Verify

Check if Vulnerable:

Check Foxit Reader version against security bulletin

Check Version:

Foxit Reader: Help > About Foxit Reader

Verify Fix Applied:

Verify installed version matches or exceeds patched version from Foxit advisory
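The version check above can be scripted across a fleet. The following PowerShell is an added example, not part of the advisory or of Foxit's tooling; it reads the installed Foxit PDF Reader version from the Windows uninstall registry keys and compares it with the patched version. Because this page does not state the patched version, $PatchedVersion is a placeholder to be filled from the Foxit security bulletin.

```powershell
# Added example: find installed Foxit PDF Reader copies and compare their version
# against the patched version named in the Foxit security bulletin.
# $PatchedVersion is a PLACEHOLDER (not from the advisory); set it from the bulletin.
$PatchedVersion = [version]'0.0.0.0'

if ($PatchedVersion -eq [version]'0.0.0.0') {
    Write-Warning 'Set $PatchedVersion from the Foxit security bulletin before trusting the result.'
}

# Uninstall keys for machine-wide 64-bit, machine-wide 32-bit, and per-user installs
$UninstallPaths = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

$Installs = Get-ItemProperty -Path $UninstallPaths -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'Foxit*Reader*' } |
    Select-Object DisplayName, DisplayVersion, InstallLocation

if (-not $Installs) {
    Write-Output 'Foxit PDF Reader not found in the uninstall registry keys.'
    return
}

foreach ($App in $Installs) {
    # DisplayVersion may carry 2 to 4 components; [version] accepts all of these.
    try {
        $Installed = [version]$App.DisplayVersion
    } catch {
        Write-Output ("{0}: unparseable version '{1}'" -f $App.DisplayName, $App.DisplayVersion)
        continue
    }
    # A version that meets or exceeds the bulletin's patched version counts as fixed.
    $Status = if ($Installed -ge $PatchedVersion) { 'PATCHED' } else { 'VULNERABLE - update required' }
    Write-Output ("{0} {1} at '{2}': {3}" -f $App.DisplayName, $Installed, $App.InstallLocation, $Status)
}
```

Run it under an account that can read HKLM; per-user installs under HKCU are only visible when run as that user.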

📡 Detection & Monitoring

Log Indicators:

  • Application crashes in Foxit Reader
  • Unusual memory access patterns in application logs

Network Indicators:

  • PDF downloads from suspicious sources
  • Multiple PDF file accesses from single user

SIEM Query:

source="foxit_reader" AND (event_type="crash" OR event_type="exception")

🔗 References
