Home
HIGH: 8.2 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:NDefault status
unaffected
Versions 2026.1.1 and earlier
affected
Versions 14.0.4 and earlier
affected
Versions 13.2.4 and earlier
affected
Default status
unaffected
Versions 2026.1.1 and earlier
affected
Description
The user-controllable executable files will be directly executed by high-privilege processes, allowing low-privilege users to have the opportunity to elevate their privileges to NT AUTHORITY\SYSTEM.
Problem types
Uncontrolled Search Path Element (CWE‑427)
Product status
Versions 2026.1.1 and earlier
Versions 14.0.4 and earlier
Versions 13.2.4 and earlier
Versions 2026.1.1 and earlier
Credits
Luke Paris (@Paradoxis)
References
www.foxit.com/support/security-bulletins.html