CVE-2025-9328: 
Foxit PDF Reader vulnerability analysis and mitigation

CVE-2025-9328 is an Out-of-bounds Read vulnerability discovered in Foxit PDF Reader that affects PRC file parsing functionality. The vulnerability was discovered by Mat Powell of Trend Micro Zero Day Initiative and was disclosed on August 21, 2025. The vulnerability affects Foxit PDF Reader version 2025.1.0.27937 and earlier, as well as Foxit PDF Editor (previously named Foxit PhantomPDF) version 2025.1.0.27937 and earlier versions (ZDI Advisory, Foxit Security Bulletin).

The vulnerability exists within the parsing of PRC files and results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. The vulnerability has been assigned a CVSS v3.0 score of 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H), indicating a high severity level (ZDI Advisory).

If successfully exploited, this vulnerability allows attackers to execute arbitrary code in the context of the current process. The vulnerability requires user interaction, specifically that the target must visit a malicious page or open a malicious file (ZDI Advisory).

Foxit has released security updates to address this vulnerability. Users are advised to update to Foxit PDF Reader 2025.2 or Foxit PDF Editor 2025.2. The update can be installed either through the application's built-in update feature (Help > About > Check for Update) or by downloading the latest version from the Foxit website (Foxit Security Bulletin).