CVE-2025-67825

5.5 MEDIUM

📋 TL;DR

Nitro PDF Pro for Windows before version 14.42.0.34 displays signer information from unverified PDF fields instead of verified certificate subjects. This allows attackers to create PDFs that show misleading signer details, potentially tricking users into trusting fraudulent documents. Only users of vulnerable Nitro PDF Pro versions on Windows are affected.

💻 Affected Systems

Products:
  • Nitro PDF Pro for Windows
Versions: All versions before 14.42.0.34
Operating Systems: Windows
Default Config Vulnerable: ⚠️ Yes
Notes: Only affects PDF signature verification functionality. Users must open PDFs with digital signatures to be vulnerable.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

An attacker signs a malicious PDF with any certificate they control (no access to the impersonated party's signing key is needed) and fills the unverified signer fields with a trusted name. A user who acts on the displayed name could approve a fraudulent contract, invoice or payment instruction, disclose data, or be steered into installing malware.

🟠

Likely Case

Users might be tricked into opening phishing documents or accepting fraudulent contracts due to misleading signature information.

🟢

If Mitigated

With proper verification procedures and updated software, users would see correct signer information from verified certificates.

🌐 Internet-Facing: LOW: this is a desktop viewer with no listening service, so the only exposure is a PDF delivered by email, web download or file share.
🏢 Internal Only: MEDIUM: inside an organization, signed PDFs (contracts, invoices, approvals) are routinely trusted on the strength of the displayed signer, which is exactly what a crafted file misrepresents.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: LOW

Exploitation requires a specially crafted PDF whose signature dictionary carries a misleading name in its unverified fields; the cryptographic signature itself need not be forged. User interaction (opening the PDF and relying on the displayed signer) is required.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 14.42.0.34 and later

Vendor Advisory: https://www.gonitro.com/documentation/release-notes

Restart Required: Yes

Instructions:

1. Open Nitro PDF Pro.
2. Go to Help > Check for Updates.
3. Follow the prompts to download and install version 14.42.0.34 or later.
4. Restart the application.

🔧 Temporary Workarounds

Disable automatic PDF opening (Windows)

Change the default handler for .pdf files away from Nitro PDF Pro (Settings > Apps > Default apps) so that double-clicking a file or opening a mail attachment does not land in the vulnerable viewer.

Use alternative PDF viewer (Windows)

Until the update is installed, open signed documents in a different PDF application and judge the signature by the certificate details it shows, not by the signer name alone.

🧯 If You Can't Patch

  • Train users to open the signature's certificate details (certificate subject and issuer) rather than trusting the signer name shown in the signature summary, since in affected versions that name comes from an unverified PDF field
  • Implement a policy requiring out-of-band confirmation (a phone call or a separately established email address) for signed documents that authorize payments or contract changes

🔍 How to Verify

Check if Vulnerable:

Open Nitro PDF Pro, go to Help > About, check if version is below 14.42.0.34

Check Version:

Help > About is the quickest check. Without the GUI, read the DisplayVersion value of the entry whose DisplayName contains "Nitro" under HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall (or the WOW6432Node hive), or the file version of NitroPDF.exe. Any value below 14.42.0.34 is vulnerable.
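The following audit script is an added example, not part of this advisory or of Nitro's own tooling. It reports the installed Nitro build, whether it is below 14.42.0.34, and whether Nitro is still the default .pdf handler (covering both the temporary workaround above and the version check). Two details are assumptions rather than facts from this page: that the Uninstall entry's DisplayName contains "Nitro", and that Nitro's file-association ProgId contains "Nitro".

```powershell
# Added example (not Nitro's code): audit one Windows host for CVE-2025-67825 exposure.
# Run in Windows PowerShell 5.1 or PowerShell 7; no elevation needed for reading these keys.

$FixedVersion = [version]'14.42.0.34'   # first fixed build per the advisory

function Test-NitroVersionVulnerable([string]$DisplayVersion) {
    # Compare as [version] objects so that "14.9" does not sort above "14.42" as text would.
    try   { return ([version]$DisplayVersion) -lt $FixedVersion }
    catch { return $null }   # unparseable version string: report it rather than guess
}

function Get-NitroInstall {
    # 64-bit, 32-bit (WOW6432Node) and per-user installs all register under Uninstall.
    $keys = @(
        'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*',
        'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*'
    )
    Get-ItemProperty -Path $keys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like '*Nitro*' -and $_.DisplayVersion } |   # assumption: name contains "Nitro"
        ForEach-Object {
            [pscustomobject]@{
                Name       = $_.DisplayName
                Version    = $_.DisplayVersion
                Vulnerable = Test-NitroVersionVulnerable $_.DisplayVersion
                Location   = $_.InstallLocation
            }
        }
}

function Get-PdfDefaultHandler {
    # Explorer's per-user choice wins over the machine-wide HKCR default, so read it first.
    $uc = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.pdf\UserChoice'
    $progId = (Get-ItemProperty -Path $uc -ErrorAction SilentlyContinue).ProgId
    if (-not $progId) {
        $progId = (Get-ItemProperty -Path 'Registry::HKEY_CLASSES_ROOT\.pdf' -ErrorAction SilentlyContinue).'(default)'
    }
    return $progId
}

function Invoke-NitroAudit {
    $installs = @(Get-NitroInstall)
    $handler  = Get-PdfDefaultHandler
    [pscustomobject]@{
        Computer          = $env:COMPUTERNAME
        NitroInstalls     = $installs
        AnyVulnerable     = @($installs | Where-Object { $_.Vulnerable -eq $true }).Count -gt 0
        PdfHandlerProgId  = $handler
        NitroIsPdfDefault = ($handler -like '*Nitro*')   # assumption: ProgId contains "Nitro"
    }
}

Invoke-NitroAudit | Format-List
```

A host is fully mitigated only when AnyVulnerable is False; NitroIsPdfDefault being False just means the workaround from the previous section is in place. The same functions can be wrapped in Invoke-Command to sweep a fleet.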

Verify Fix Applied:

After updating, open a PDF signed with a certificate you know (a test signature from your own CA is enough) and confirm that the signer shown in the signature panel is the certificate's subject, not the free-text name stored in the signature dictionary's /Name entry.
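To see the two values this CVE confuses side by side, the script below is an added example (not from the advisory and not Nitro's code): it pulls the unverified /Name, /Reason, /Location and /ContactInfo strings out of a PDF's signature dictionary and, separately, the subject of the certificate embedded in the CMS blob in /Contents. It handles the common uncompressed /Sig dictionary with a CMS signature (adbe.pkcs7.detached, ETSI.CAdES.detached); it does not validate the signature or the chain, and the regex-based object location and the assumed file path are illustration only.

```powershell
# Added example (not Nitro's code): show the unverified signer fields next to the verified
# certificate subject of a signed PDF. Requires Windows PowerShell 5.1 or PowerShell 7.
if (-not ('System.Security.Cryptography.Pkcs.SignedCms' -as [type])) {
    Add-Type -AssemblyName System.Security   # 5.1 needs this; PowerShell 7 ships the Pkcs types
}

function Get-DerTotalLength([byte[]]$Bytes) {
    # /Contents is zero-padded to a fixed size; compute the real length of the outer
    # DER SEQUENCE so the padding is dropped before decoding.
    if ($Bytes.Length -lt 2 -or $Bytes[0] -ne 0x30) { throw 'Signature blob is not a DER SEQUENCE' }
    $first = [int]$Bytes[1]
    if ($first -lt 0x80) { return 2 + $first }
    $n = $first -band 0x7F
    $len = 0
    for ($i = 0; $i -lt $n; $i++) { $len = ($len -shl 8) -bor [int]$Bytes[2 + $i] }
    return 2 + $n + $len
}

function Get-PdfStringEntry([string]$Dict, [string]$Key) {
    # Literal-string value of /Key (...); undoes the \( \) \\ escapes. Hex strings are not handled.
    $m = [regex]::Match($Dict, "/$Key\s*\(((?:[^()\\]|\\.)*)\)")
    if (-not $m.Success) { return $null }
    return [regex]::Replace($m.Groups[1].Value, '\\([()\\])', '$1')
}

function Get-PdfSignerInfo([string]$Path) {
    $raw  = [System.IO.File]::ReadAllBytes($Path)
    $text = [System.Text.Encoding]::GetEncoding(28591).GetString($raw)   # byte-for-byte view of the file

    foreach ($m in [regex]::Matches($text, '/Contents\s*<([0-9A-Fa-f\s]+)>')) {
        # Confine the field search to the object holding this /Contents, so a font's or
        # annotation's /Name elsewhere in the file is not picked up.
        $objStart = $text.LastIndexOf(' obj', $m.Index); if ($objStart -lt 0) { $objStart = 0 }
        $objEnd   = $text.IndexOf('endobj', $m.Index);   if ($objEnd -lt 0)   { $objEnd = $text.Length }
        $obj = $text.Substring($objStart, $objEnd - $objStart)
        if ($obj -notmatch '/ByteRange') { continue }   # not a signature dictionary

        $hex = $m.Groups[1].Value -replace '\s', ''
        $der = [byte[]]::new([int]($hex.Length / 2))
        for ($i = 0; $i -lt $der.Length; $i++) { $der[$i] = [Convert]::ToByte($hex.Substring(2 * $i, 2), 16) }
        $der = [byte[]]$der[0..((Get-DerTotalLength $der) - 1)]

        # Decode the CMS structure only; the signer certificate travels inside it.
        $cms = New-Object System.Security.Cryptography.Pkcs.SignedCms
        $cms.Decode($der)
        $cert = $cms.SignerInfos[0].Certificate
        if (-not $cert) { $cert = $cms.Certificates[0] }

        $claimed = Get-PdfStringEntry $obj 'Name'     # what an affected viewer displayed
        $cn = if ($cert) { $cert.GetNameInfo([System.Security.Cryptography.X509Certificates.X509NameType]::SimpleName, $false) } else { $null }

        [pscustomobject]@{
            ClaimedName        = $claimed
            ClaimedReason      = Get-PdfStringEntry $obj 'Reason'
            ClaimedLocation    = Get-PdfStringEntry $obj 'Location'
            ClaimedContact     = Get-PdfStringEntry $obj 'ContactInfo'
            CertificateSubject = if ($cert) { $cert.Subject } else { $null }   # what the viewer should show
            CertificateCN      = $cn
            Issuer             = if ($cert) { $cert.Issuer } else { $null }
            Thumbprint         = if ($cert) { $cert.Thumbprint } else { $null }
            NameMismatch       = [bool]($claimed -and $cn -and ($claimed -ne $cn))
        }
    }
}

# Usage (path is an assumption): Get-PdfSignerInfo 'C:\temp\contract.pdf' | Format-List
```

NameMismatch is a prompt to look, not a verdict: signers legitimately put a display name in /Name that differs from the certificate CN, and an attacker can just as well make the two agree while using a certificate nobody should trust. The value a reviewer should act on is CertificateSubject together with Issuer and Thumbprint, which is what the fixed Nitro build displays.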

📡 Detection & Monitoring

Log Indicators:

  • Failed signature validations are a weak indicator at best: the misleading name is displayed whether or not the signature itself verifies
  • Nitro PDF Pro opening PDFs from inbound locations (Downloads, browser and mail-client temp folders), visible in process-creation events (4688) when command-line auditing is enabled

Network Indicators:

  • Downloads of PDFs from untrusted sources followed by signature verification

SIEM Query:

EventID=4688 AND NewProcessName LIKE '%\NitroPDF.exe' AND CommandLine LIKE '%.pdf%'

Event 4688 records the full image path in NewProcessName, and CommandLine is only populated when the "Include command line in process creation events" policy is enabled alongside Audit Process Creation.
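As an added example that is not part of this advisory, the script below turns the query above into a local hunt over the Security log, flagging Nitro launches of PDFs that sit in folders where inbound files land. The folder list, the NitroPDF.exe name (taken from the query above) and the sample command lines at the end are assumptions constructed for illustration, not real telemetry.

```powershell
# Added example (not Nitro's code): hunt 4688 events for Nitro PDF Pro opening inbound PDFs.
# Needs Audit Process Creation plus "Include command line in process creation events";
# without the latter the CommandLine field (property index 8) is empty.

# Assumed landing zones for files that arrived by download or mail attachment.
$RiskyFolders = @('\Downloads\', '\INetCache\', '\Temporary Internet Files\', '\Outlook\', '\AppData\Local\Temp\')

function Test-RiskyPdfLaunch {
    param([string]$NewProcessName, [string]$CommandLine)
    # Verdict for one process-creation record: Nitro launched, a .pdf argument, and an inbound path.
    $isNitro = $NewProcessName -like '*\NitroPDF.exe'
    $pdf = [regex]::Match($CommandLine, '(?i)"?([^"]+\.pdf)"?')
    $pdfPath = if ($pdf.Success) { $pdf.Groups[1].Value } else { $null }
    $hit = $RiskyFolders | Where-Object { $pdfPath -and $pdfPath -like "*$_*" }
    [pscustomobject]@{
        IsNitro = $isNitro
        PdfPath = $pdfPath
        Inbound = [bool]$hit
        Flag    = $isNitro -and [bool]$pdfPath -and [bool]$hit
    }
}

function Find-RiskyPdfLaunches([int]$Hours = 24) {
    # 4688 property indices on Windows 10 / Server 2016 and later:
    # 1 = SubjectUserName, 5 = NewProcessName, 8 = CommandLine.
    Get-WinEvent -FilterHashtable @{ LogName = 'Security'; Id = 4688; StartTime = (Get-Date).AddHours(-$Hours) } -ErrorAction SilentlyContinue |
        ForEach-Object {
            $v = Test-RiskyPdfLaunch -NewProcessName $_.Properties[5].Value -CommandLine $_.Properties[8].Value
            if ($v.Flag) {
                [pscustomobject]@{ Time = $_.TimeCreated; User = $_.Properties[1].Value; Pdf = $v.PdfPath }
            }
        }
}

# Constructed sample records (not real telemetry) so the verdict logic can be read without an event log.
$sample = @(
    @{ P = 'C:\Program Files\Nitro\Pro\14\NitroPDF.exe'; C = '"C:\Program Files\Nitro\Pro\14\NitroPDF.exe" "C:\Users\alice\Downloads\invoice-signed.pdf"' },
    @{ P = 'C:\Program Files\Nitro\Pro\14\NitroPDF.exe'; C = '"C:\Program Files\Nitro\Pro\14\NitroPDF.exe" "D:\Contracts\2024\msa.pdf"' },
    @{ P = 'C:\Windows\System32\notepad.exe';            C = 'notepad.exe C:\Users\alice\Downloads\notes.pdf' }
)
$sample | ForEach-Object { Test-RiskyPdfLaunch -NewProcessName $_.P -CommandLine $_.C } | Format-Table

# Live hunt: Find-RiskyPdfLaunches -Hours 72
```

Of the three constructed records only the first meets all three conditions (Nitro, a .pdf argument, an inbound folder); the second is a PDF from an internal share and the third is a different process. A hit is a triage lead, not proof of exploitation: the follow-up is to run the signer-extraction check on the flagged file and compare the /Name text with the certificate subject.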

🔗 References
