Foxit has released updates that fix a remote code execution (RCE) vulnerability affecting the PDF Reader and PDF Editor products. The vulnerability affects the Windows operating system and is found in Foxit PDF Reader 220.127.116.1165 and earlier and Foxit PhantomPDF-10.1.7.37777 and earlier.
The details of the detected security vulnerability are as follows;
The vulnerability, tracked as CVE-2022-28672, allows remote threat actors to run arbitrary code on affected installations of Foxit PDF Reader. Exploiting this vulnerability requires user interaction.
The related vulnerability has been fixed in Foxit PDF Reader 12.1 and Foxit PDF Editor 12.1. In this context, in order not to be the target of attacks that can be carried out using the said vulnerability, PDF Reader users are recommended to apply the updates that fix the vulnerability immediately.