
Cloud Vulnerability DB
A community-led vulnerabilities database
A memory corruption vulnerability (CVE-2025-32451) was discovered in Foxit Reader 2025.1.0.27937 and disclosed on August 13, 2025. It stems from the use of an uninitialized pointer in the way Foxit Reader handles signature objects. The affected version is Foxit Reader 2025.1.0.27937. Foxit Reader is one of the most popular PDF document readers and aims for feature parity with Adobe's Acrobat Reader (Talos).
The vulnerability is caused by an uninitialized pointer in the CPDF_Signature object handling. When specific JavaScript code related to signature handling is executed, a field in the object is accessed before it has been properly initialized. The vulnerability has been assigned a CVSSv3 score of 8.8 (HIGH) with the vector string CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. The issue is classified as CWE-824 (Access of Uninitialized Pointer) (Talos).
The vulnerability can lead to memory corruption and potentially result in arbitrary code execution. The impact is significant as it affects the core functionality of the PDF reader and could allow attackers to execute malicious code with the same privileges as the application (Talos).
The vulnerability was patched by the vendor on August 13, 2025. Users are advised to update to the latest version of Foxit Reader. As a workaround, users can disable JavaScript execution in PDF documents and avoid using the browser plugin extension (Talos).
Source: This report was generated using AI