CVE-2020-8851: Remote code execution vulnerability in Foxit Reader 9.7.0.29455 when processing JPG2000 images.


Description

CVE-2020-8851 is a critical vulnerability in Foxit Reader version 9.7.0.29455 that allows remote attackers to execute arbitrary code. The vulnerability is classified as CWE-787 (Out-of-bounds Write) and exists within the JPG2000 image processing functionality. When a user opens a malicious PDF file containing specially crafted JPG2000 images, the application fails to properly validate user-supplied data, resulting in a write past the end of an allocated structure. This out-of-bounds write can be leveraged by attackers to execute code in the context of the current process.

Overview

This vulnerability affects Foxit Reader version 9.7.0.29455 and potentially earlier versions. The flaw stems from improper validation of user input when processing JPG2000 images embedded within PDF documents. When exploited successfully, attackers can achieve arbitrary code execution with the same privileges as the application. This is particularly concerning as Foxit Reader is widely used for viewing and interacting with PDF documents in both personal and enterprise environments. The vulnerability requires user interaction to be exploited, as the target must open a malicious PDF file or visit a malicious webpage that serves such content.

Remediation

Users and administrators should take the following actions to mitigate this vulnerability:

  1. Update Foxit Reader to the latest version available from the official Foxit Software website.
  2. If immediate updating is not possible, consider using alternative PDF readers until the update can be applied.
  3. Exercise caution when opening PDF files from unknown or untrusted sources.
  4. Implement network security controls to block untrusted PDF content.
  5. Consider implementing application control policies to restrict the execution of vulnerable versions of Foxit Reader.
  6. Monitor security bulletins from Foxit Software for additional information and updates regarding this vulnerability.

References

  1. Foxit Software Security Bulletin: https://www.foxitsoftware.com/support/security-bulletins.php
  2. Zero Day Initiative Advisory ZDI-20-207: https://www.zerodayinitiative.com/advisories/ZDI-20-207/
  3. Common Weakness Enumeration: CWE-787 (Out-of-bounds Write)
  4. Original ZDI submission reference: ZDI-CAN-9406

Industry Exposure (most to least affected)

This section illustrates the prevalence of a specific Common Vulnerabilities and Exposures (CVE) across various industries based on customer reports. The ranking displays industries from the most to least affected by this particular vulnerability, offering insight into where this CVE has been most frequently observed. This information can help organizations within these sectors prioritize their security efforts, understand their relative risk exposure compared to their peers, and focus remediation strategies where they are most needed. By understanding the industry-specific impact, organizations can make more informed decisions regarding patching, resource allocation, and overall risk management related to this CVE.

  1. Manufacturing
  2. Health Care & Social Assistance
  3. Educational Services
  4. Transportation & Warehousing
  5. Arts, Entertainment & Recreation
  6. Management of Companies & Enterprises
  7. Public Administration
  8. Retail Trade
  9. Utilities
  10. Finance and Insurance
  11. Information
  12. Other Services (except Public Administration)
  13. Wholesale Trade
  14. Accommodation & Food Services
  15. Administrative, Support, Waste Management & Remediation Services
  16. Agriculture, Forestry, Fishing & Hunting
  17. Construction
  18. Mining
  19. Professional, Scientific, & Technical Services
  20. Real Estate Rental & Leasing

Armis Vulnerability Intelligence Database