Critical Zero-Day Flaws in PDF Software Risk Data Exposure

Critical Zero-Day Flaws in PDF Software Risk Data Exposure

Posted on By CWS

Significant security vulnerabilities have been uncovered in popular PDF platforms, posing a serious risk to enterprises globally. A total of 16 zero-day flaws, including critical OS Command Injection, DOM-based XSS, SSRF, and Path Traversal vulnerabilities, have been identified in Apryse WebViewer and Foxit PDF cloud services.

Details of the Discovered Vulnerabilities

The vulnerabilities were disclosed by Novee Security, which utilized a combination of AI and human expertise to identify these risks in widely used PDF platforms. The flawed systems affect millions of users, making it crucial for enterprises to address these security gaps immediately.

Both Apryse and Foxit were informed of these vulnerabilities under a responsible disclosure process, allowing them to release patches and mitigations before publicizing the issues.

Research Methodology and Vulnerability Impact

Apryse WebViewer’s architecture, which includes a React-based UI, a JavaScript/WebAssembly document engine, and a server-side SDK, was found to have significant trust boundary failures. These inadequacies in input validation were the root cause of the vulnerabilities.

Novee Security’s approach involved a blend of human intelligence and AI agents. The process included identifying vulnerability patterns and encoding these into agents designed to systematically explore and exploit these issues across the platform.

Particularly concerning is the Critical OS Command Injection vulnerability (CVSS 9.8) found in the Foxit PDF SDK for Web, allowing full remote code execution with a single POST request.

Specific Vulnerabilities and Recommendations

Among the vulnerabilities, an SSRF issue in Apryse WebViewer’s server-side iFrame rendering allows unauthorized content rendering, posing a network security risk. Apryse’s uiConfig parameter flaw also enables Critical DOM XSS through unsanitized JSON data.

Furthermore, a high-severity Path Traversal flaw in Foxit’s Collaboration Add-on permits unauthorized directory access. Multiple stored XSS vulnerabilities were also identified across Foxit’s platform.

Enterprises using Apryse WebViewer or Foxit PDF SDK for Web are urged to apply the available patches promptly. Additionally, conducting a thorough audit of their systems, particularly focusing on input validation protocols, is recommended to prevent exploitation of these vulnerabilities.

Implementing strict Content-Security-Policy and postMessage origin validation is also advised to enhance security across PDF components.

Stay updated with the latest cybersecurity developments by following us on Google News, LinkedIn, and X.

Cyber Security News Tags:, , , , , , , , , , , , ,

Related Posts

Critical InputPlumber Vulnerabilities Allows UI Input Injection and Denial-of-Service Critical InputPlumber Vulnerabilities Allows UI Input Injection and Denial-of-Service Cyber Security News
Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities Bridgestone Confirms Cyberattack Impacts Manufacturing Facilities Cyber Security News
iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot iOS 26 Deletes Pegasus and Predator Spyware Infection Evidence by Overwriting The ‘shutdown.log’ file on Reboot Cyber Security News
Notepad++ Compromised by Chinese APT Group with Custom Malware Notepad++ Compromised by Chinese APT Group with Custom Malware Cyber Security News
Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers Sophisticated Malware Campaign Targets WordPress and WooCommerce Sites with Obfuscated Skimmers Cyber Security News
NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data NoisyBear Weaponizing ZIP Files to PowerShell Loaders and Exfiltrate Sensitive Data Cyber Security News