CVE-2025-64086 – A NULL pointer dereference vulnerability in PDF... (How to Fix)

Q: What is the severity of CVE-2025-64086?

CVE-2025-64086 has a CVSS score of 7.5 (HIGH). A NULL pointer dereference vulnerability in PDF-XChange Editor's util.readFileIntoStream component allows attackers to crash the application via specially crafted input, causing Denial of Service. This affects users of PDF-XChange Editor version 10.7.3.401 who open malicious PDF files.

📋 TL;DR

A NULL pointer dereference vulnerability in PDF-XChange Editor's util.readFileIntoStream component allows attackers to crash the application via specially crafted input, causing Denial of Service. This affects users of PDF-XChange Editor version 10.7.3.401 who open malicious PDF files.

💻 Affected Systems

Products:

PDF-XChange Editor

Versions: 10.7.3.401

Operating Systems: Windows

Default Config Vulnerable: ⚠️ Yes

Notes: Only affects the specific version mentioned; earlier or later versions may not be vulnerable.

📦 What is this software?

Pdf Xchange Editor by Pdf Xchange

View all CVEs affecting Pdf Xchange Editor →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Complete application crash requiring restart, potential data loss if unsaved documents are open, and disruption to business processes relying on PDF viewing/editing.

🟠

Likely Case

Application crash when opening a malicious PDF file, requiring user intervention to restart the software and potentially losing unsaved work.

🟢

If Mitigated

Minimal impact with proper controls - application crashes but restarts cleanly without system compromise.

🌐 Internet-Facing: MEDIUM

🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Attack requires user interaction to open malicious PDF file; no authentication needed for local exploitation.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check vendor website for latest version

Vendor Advisory: https://www.pdf-xchange.com/

Restart Required: Yes

Instructions:

1. Visit https://www.pdf-xchange.com/ 2. Download latest version 3. Install over existing installation 4. Restart system if prompted

🔧 Temporary Workarounds

Disable automatic PDF opening

windows

Configure system to not automatically open PDF files with PDF-XChange Editor

Use alternative PDF viewer

windows

Temporarily use a different PDF application until patched

🧯 If You Can't Patch

Restrict PDF file sources to trusted locations only
Implement application whitelisting to prevent unauthorized PDF execution

🔍 How to Verify

Check if Vulnerable:

Check Help > About in PDF-XChange Editor for version 10.7.3.401

Check Version:

Not applicable - check via GUI Help > About menu

Verify Fix Applied:

Verify version is updated to newer than 10.7.3.401 in Help > About

📡 Detection & Monitoring

Log Indicators:

Application crash logs for PDF-XChange Editor
Windows Event Logs showing application failures

Network Indicators:

Unusual PDF file downloads from untrusted sources

SIEM Query:

EventID=1000 OR EventID=1001 AND ProcessName="PDFXEdit.exe"

📊 Metadata

CVE ID: CVE-2025-64086

CVSS v3 Score: 7.5 (HIGH)

CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-476

EPSS Score: 0.07% exploit probability (21.1th percentile)

Published: December 9, 2025

Last Updated: December 11, 2025

🔗 References

https://jeroscope.com/advisories/2025/jero-2025-011/ Exploit,Third Party Advisory
https://www.pdf-xchange.com/ Product

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-64086, you might also want to check these: