CVE-2025-9325 – This vulnerability in Foxit PDF Reader allows a... (How to Fix)

Q: What is the severity of CVE-2025-9325?

CVE-2025-9325 has a CVSS score of 5.5 (MEDIUM). This vulnerability in Foxit PDF Reader allows attackers to read memory beyond allocated bounds when parsing malicious PRC files, potentially disclosing sensitive information. Users who open malicious PDF files or visit compromised websites are affected. The vulnerability requires user interaction but could be combined with other exploits for code execution.

📋 TL;DR

This vulnerability in Foxit PDF Reader allows attackers to read memory beyond allocated bounds when parsing malicious PRC files, potentially disclosing sensitive information. Users who open malicious PDF files or visit compromised websites are affected. The vulnerability requires user interaction but could be combined with other exploits for code execution.

💻 Affected Systems

Products:

Foxit PDF Reader

Versions: Specific affected versions not specified in provided references, check Foxit advisory for details

Operating Systems: Windows, macOS, Linux - all platforms where Foxit PDF Reader runs

Default Config Vulnerable: ⚠️ Yes

Notes: All default installations of affected Foxit PDF Reader versions are vulnerable when processing PRC files.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴

Worst Case

Information disclosure combined with other vulnerabilities could lead to arbitrary code execution in the current user context, potentially compromising the entire system.

🟠

Likely Case

Sensitive memory contents disclosure including passwords, keys, or other application data, potentially enabling further attacks.

🟢

If Mitigated

Limited information disclosure with no code execution due to proper sandboxing and exploit mitigations.

🌐 Internet-Facing: MEDIUM - Requires user interaction but malicious files could be delivered via web downloads or email attachments.

🏢 Internal Only: MEDIUM - Similar risk internally as users could open malicious files from network shares or internal systems.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ✅ No

Complexity: MEDIUM

Requires user interaction to open malicious file. Information disclosure alone may not be sufficient for full compromise without additional vulnerabilities.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check Foxit security bulletin for specific patched version

Vendor Advisory: https://www.foxit.com/support/security-bulletins.html

Restart Required: No

Instructions:

1. Visit Foxit security bulletins page. 2. Identify the specific advisory for CVE-2025-9325. 3. Download and install the latest version of Foxit PDF Reader. 4. Verify installation completes successfully.

🔧 Temporary Workarounds

Disable PRC file handling

all

Configure Foxit PDF Reader to not process PRC files or use alternative PDF viewers for PRC content

User education and restrictions

all

Train users to avoid opening PDF files from untrusted sources and implement application whitelisting

🧯 If You Can't Patch

Implement application control to block execution of Foxit PDF Reader
Use alternative PDF readers that don't support PRC file format

🔍 How to Verify

Check if Vulnerable:

Check Foxit PDF Reader version against affected versions listed in Foxit security advisory

Check Version:

In Foxit PDF Reader: Help → About Foxit Reader (Windows) or Foxit Reader → About Foxit Reader (macOS)

Verify Fix Applied:

Verify installed Foxit PDF Reader version is equal to or higher than patched version specified in advisory

📡 Detection & Monitoring

Log Indicators:

Application crashes when processing PDF files
Unusual memory access patterns in application logs

Network Indicators:

Downloads of PDF files from suspicious sources
Unusual outbound connections after PDF file opening

SIEM Query:

EventID=1000 OR EventID=1001 Source="Foxit Reader" AND Keywords="Exception" OR "Access Violation"

📊 Metadata

CVE ID: CVE-2025-9325

CVSS v3 Score: 5.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CWE: CWE-125

EPSS Score: 0.03% exploit probability (6.7th percentile)

Published: September 2, 2025

Last Updated: September 8, 2025

🔗 References

https://www.foxit.com/support/security-bulletins.html Vendor Advisory
https://www.zerodayinitiative.com/advisories/ZDI-25-867/ Third Party Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2025-9325, you might also want to check these:

📋 TL;DR

💻 Affected Systems

📦 What is this software?

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Editor by Foxit

Pdf Reader by Foxit

Pdf Reader by Foxit

⚠️ Risk & Real-World Impact

Worst Case

Likely Case

If Mitigated

🎯 Exploit Status

🛠️ Fix & Mitigation

✅ Official Fix

Instructions:

🔧 Temporary Workarounds

Disable PRC file handling

User education and restrictions

🧯 If You Can't Patch

🔍 How to Verify

Check if Vulnerable:

Check Version:

Verify Fix Applied:

📡 Detection & Monitoring

Log Indicators:

Network Indicators:

SIEM Query:

📊 Metadata

🔗 References

📤 Share & Export

🔗 Related Vulnerabilities