CVE-2025-2231: 
PDF-XChange Editor vulnerability analysis and mitigation

PDF-XChange Editor RTF File Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability (CVE-2025-2231) was discovered and disclosed on March 12, 2025. This vulnerability affects PDF-XChange Editor installations and requires user interaction to exploit, specifically when opening a malicious RTF file. The vulnerability stems from improper validation of user-supplied data during RTF file parsing (Zero Day Initiative).

The vulnerability is classified with a CVSS v3.0 base score of 7.8 (HIGH) with the vector string CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The specific flaw exists within the parsing of RTF files, where improper validation of user-supplied data can result in a read past the end of an allocated buffer. The vulnerability is tracked as CWE-125 (Out-of-bounds Read) (Zero Day Initiative).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process on affected installations of PDF-XChange Editor. The high CVSS score indicates potential severe impacts on system confidentiality, integrity, and availability (Zero Day Initiative).

PDF-XChange has released version 10.5.2.395 to address this vulnerability. Users of affected versions (PDF-XChange Editor 10.5.1.394, PDF-Tools 10.5.1.394, and PDF-XChange PRO 10.5.1.394) should upgrade to the latest version (PDF-XChange Security Bulletin).

The vulnerability was discovered by Rocco Calvi (@TecR0c) with TecSecurity, working in collaboration with Trend Micro's Zero Day Initiative. The coordinated disclosure process involved reporting to the vendor on October 11, 2024, with the public advisory release on March 12, 2025 (Zero Day Initiative).