CVE-2025-9327: 
Foxit PDF Reader vulnerability analysis and mitigation

CVE-2025-9327 is an Out-of-bounds Read vulnerability discovered in Foxit PDF Reader and Foxit PDF Editor that was disclosed on August 13, 2025. The vulnerability affects multiple versions of Foxit PDF Reader (2025.1.0.27937 and earlier) and Foxit PDF Editor (2025.1.0.27937 and earlier versions) on Windows platforms (Foxit Security).

The vulnerability is classified as an Out-of-bounds Read (CWE-125) issue that occurs when parsing PRC files. The application reads data beyond the boundaries of an allocated buffer without proper validation, which can lead to information disclosure. The vulnerability has been assigned a CVSS 3.0 score of 3.3 (AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N), indicating a low severity level (ZDI Advisory, Foxit Security).

The vulnerability allows remote attackers to disclose sensitive information on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability as the target must visit a malicious page or open a malicious file (ZDI Advisory).

Foxit has released updates to address this vulnerability in version 2025.2 of both Foxit PDF Reader and Foxit PDF Editor. Users are advised to update their applications to the latest versions either through the application's built-in update feature (Help > About > Check for Update) or by downloading the latest version from the Foxit website (Foxit Security).