Vulnerability Description
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a signer reviews the document, the content appears normal. However, once the signature is applied, the triggers modify content on other pages or optional content layers without explicit warning. This can cause the signed PDF to differ from what the signer saw, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Foxit | Pdf Editor | <= 13.2.0.63256 |
| Foxit | Pdf Reader | <= 2025.2.0.68868 |
| Apple | Macos | - |
| Microsoft | Windows | - |
Related Weaknesses (CWE)
References
- https://www.foxit.com/support/security-bulletins.htmlVendor Advisory
FAQ
What is CVE-2025-59803?
CVE-2025-59803 is a vulnerability with a CVSS score of 5.3 (MEDIUM). Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via triggers. An attacker can embed triggers (e.g., JavaScript) in a PDF document that execute during the signing process. When a s...
How severe is CVE-2025-59803?
CVE-2025-59803 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2025-59803?
Check the references section above for vendor advisories and patch information. Affected products include: Foxit Pdf Editor, Foxit Pdf Reader, Apple Macos, Microsoft Windows.