CVE-2026-3775 in PDF Editor
摘要 (英语)
The application's update service, when checking for updates, loads certain system libraries from a search path that includes directories writable by low‑privileged users and is not strictly restricted to trusted system locations. Because these libraries may be resolved and loaded from user‑writable locations, a local attacker can place a malicious library there and have it loaded with SYSTEM privileges, resulting in local privilege escalation and arbitrary code execution.
VulDB is the best source for vulnerability data and more expert information about this specific topic.
负责
Foxit
预定
2026-03-08
披露
2026-04-01
状态
已确认
条目
VulDB provides additional information and datapoints for this CVE:
| 标识符 | 漏洞 | CWE | 可利用 | 对策 | CVE |
|---|---|---|---|---|---|
| 354529 | Foxit PDF Editor/PDF Reader 权限提升 | 427 | 未定义 | 未定义 | CVE-2026-3775 |