Vulnerability Description
An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's modification status via JavaScript interfaces. This circumvents digital signature verification by hiding document modifications, allowing an attacker to mislead users about the document's integrity and compromise the trustworthiness of signed PDFs.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxit | Pdf Editor | <= 13.1.7.63027 |
| Foxit | Pdf Reader | <= 2025.1.0.66692 |
| Apple | Macos | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2025-55311?
CVE-2025-55311 is a vulnerability with a CVSS score of 6.5 (MEDIUM). An issue was discovered in Foxit PDF and Editor for Windows and macOS before 13.2 and 2025 before 2025.2. A crafted PDF can use JavaScript to alter annotation content and subsequently clear the file's...
How severe is CVE-2025-55311?
CVE-2025-55311 has been rated MEDIUM with a CVSS base score of 6.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-55311?
Check the references section above for vendor advisories and patch information. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader, Apple Macos, Microsoft Windows.