CVE-2025-0902 – PDF-XChange Editor contains an out-of-bounds re... (How to Fix)

Q: What is the severity of CVE-2025-0902?

CVE-2025-0902 has a CVSS score of 8.8 (HIGH). PDF-XChange Editor contains an out-of-bounds read vulnerability when parsing XPS files, allowing attackers to disclose sensitive information from memory. Users who open malicious XPS files or visit malicious websites are affected. This vulnerability could potentially lead to arbitrary code execution when combined with other exploits.

📋 TL;DR

PDF-XChange Editor contains an out-of-bounds read vulnerability when parsing XPS files, allowing attackers to disclose sensitive information from memory. Users who open malicious XPS files or visit malicious websites are affected. This vulnerability could potentially lead to arbitrary code execution when combined with other exploits.

💻 Affected Systems

Products:

PDF-XChange Editor

Versions: Versions prior to the patch

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: All installations with XPS file parsing enabled are vulnerable by default.

📦 What is this software?

Pdf Xchange Editor by Pdf Xchange

View all CVEs affecting Pdf Xchange Editor →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Arbitrary code execution in the context of the current user, leading to full system compromise when combined with other vulnerabilities.

🟠

Likely Case

Information disclosure from process memory, potentially exposing sensitive data like credentials or encryption keys.

🟢

If Mitigated

Limited information disclosure with no code execution due to proper security controls and sandboxing.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user interaction (opening malicious file) and additional vulnerabilities for code execution.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor advisory for specific version

Vendor Advisory: https://www.tracker-software.com/support/security-advisories

Restart Required: No

Instructions:

1. Visit Tracker Software's security advisory page. 2. Download and install the latest version of PDF-XChange Editor. 3. Verify installation completes successfully.

🔧 Temporary Workarounds

Disable XPS file association

Windows

Prevent PDF-XChange Editor from opening XPS files by default

Control Panel > Default Programs > Set Associations > Remove .xps from PDF-XChange Editor

Block XPS files at perimeter

all

Filter XPS files at email gateways and web proxies

🧯 If You Can't Patch

Implement application whitelisting to prevent execution of PDF-XChange Editor from untrusted locations
Use sandboxing solutions to isolate PDF-XChange Editor from critical system resources

🔍 How to Verify

Check if Vulnerable:

Check PDF-XChange Editor version against vendor's patched version list

Check Version:

Open PDF-XChange Editor > Help > About

Verify Fix Applied:

Verify installed version matches or exceeds patched version from vendor advisory

📡 Detection & Monitoring

Log Indicators:

Application crashes when processing XPS files
Unusual memory access patterns in application logs

Network Indicators:

Downloads of XPS files from untrusted sources
Unusual outbound connections after opening XPS files

SIEM Query:

source="PDF-XChange Editor" AND (event_type="crash" OR file_extension=".xps")

📊 Metadata

CVE ID: CVE-2025-0902

CVSS v3 Score: 8.8 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CWE: CWE-125

EPSS Score: 0.1% exploit probability (26.8th percentile)

Published: February 11, 2025

Last Updated: February 12, 2025

🔗 References

https://www.zerodayinitiative.com/advisories/ZDI-25-072/ Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-0902, you might also want to check these: