CVE-2024-7722

4.3 MEDIUM

📋 TL;DR

A use-after-free vulnerability in Foxit PDF Reader's Doc object handling allows remote attackers to disclose sensitive information. Attackers can exploit this by tricking users into opening malicious PDF files or visiting malicious web pages. This affects users of vulnerable Foxit PDF Reader versions.

💻 Affected Systems

Products:
  • Foxit PDF Reader
Versions: Specific versions not detailed in advisory - check vendor bulletin for exact affected versions
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: User interaction required - victim must open malicious PDF or visit malicious webpage

⚠️ Risk & Real-World Impact

🔴 Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the context of the current user process.

🟠 Likely Case

Sensitive information disclosure from memory, potentially exposing credentials, documents, or system information.

🟢 If Mitigated

Limited impact with proper sandboxing and memory protection controls in place.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Requires user interaction and likely needs chaining with other vulnerabilities for code execution

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Foxit security bulletin for specific patched version

Vendor Advisory: https://www.foxit.com/support/security-bulletins.html

Restart Required: Yes

Instructions:

1. Visit Foxit security bulletins page
2. Download and install latest Foxit PDF Reader version
3. Restart system after installation

🔧 Temporary Workarounds

Disable JavaScript in Foxit PDF Reader

Platform: Windows

Prevents JavaScript-based exploitation vectors

Open Foxit PDF Reader > File > Preferences > JavaScript > Uncheck 'Enable JavaScript'

Use Protected View

Platform: Windows

Open PDFs in protected/sandboxed mode

Ensure 'Protected View' is enabled in Foxit security settings

🧯 If You Can't Patch

  • Use alternative PDF readers temporarily
  • Block PDF files from untrusted sources at network perimeter

🔍 How to Verify

Check if Vulnerable:

Check Foxit PDF Reader version against vendor advisory

Check Version:

Open Foxit PDF Reader > Help > About Foxit Reader

Verify Fix Applied:

Verify installed version matches or exceeds patched version from advisory
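For fleet-wide checks, the About dialog is impractical; the following PowerShell script is an added example (not from the advisory or from Foxit) that reads the installed Foxit Reader version from the Windows uninstall registry keys and compares it with the patched version. The DisplayName match pattern and the placeholder patched version are assumptions: take the real patched version from the Foxit security bulletin linked above.

```powershell
# Added example, not part of the advisory: compare the installed Foxit Reader version
# (from the Windows uninstall registry keys) against the patched version from the bulletin.
# PLACEHOLDER: replace with the patched version listed at
# https://www.foxit.com/support/security-bulletins.html for CVE-2024-7722.
$PatchedVersion = [version]'0.0.0.0'

# Standard per-machine (64-bit and 32-bit views) and per-user uninstall keys.
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

# ASSUMPTION: the product registers a DisplayName containing "Foxit" and "Reader".
$Installs = Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like '*Foxit*Reader*' } |
    Select-Object DisplayName, DisplayVersion, InstallLocation

if (-not $Installs) {
    Write-Output 'Foxit PDF Reader not found in the uninstall registry keys.'
    return
}

foreach ($app in $Installs) {
    $installed = $null
    if (-not [version]::TryParse($app.DisplayVersion, [ref]$installed)) {
        Write-Output ("{0}: unparseable DisplayVersion '{1}', verify manually via Help > About" -f
            $app.DisplayName, $app.DisplayVersion)
        continue
    }
    # Versions at or above the patched release are considered fixed.
    $status = if ($installed -ge $PatchedVersion) {
        'OK (at or above patched version)'
    } else {
        'VULNERABLE (below patched version, update required)'
    }
    Write-Output ("{0} {1} [{2}]: {3}" -f $app.DisplayName, $installed, $app.InstallLocation, $status)
}
```

Run it under an account that can read HKLM, and note that per-user installs only appear when the script runs as that user.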

📡 Detection & Monitoring

Log Indicators:

  • Multiple crash reports from Foxit Reader
  • Unexpected memory access errors in application logs

Network Indicators:

  • Downloads of PDF files from suspicious sources
  • Network traffic to known malicious domains after PDF opening

SIEM Query:

source="*foxit*" AND (event_type="crash" OR error="access violation")
