Cyber Resilience

CVE-2024-12751

High

Published: 30 December 2024

Modified: 08 August 2025
CVSS v3 score: 7.8 (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
EPSS score: 0.0289 (86.6th percentile)
Risk priority: 17 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2024-12751 is a high-severity Out-of-bounds Read (CWE-125) vulnerability in Foxit PDF Editor. Its CVSS base score is 7.8 (High).

Operationally, it ranks in the top 13.4% of CVEs by exploit likelihood (EPSS), and it is not currently listed in the CISA KEV catalog.

Deeper analysis

CVE-2024-12751 is an out-of-bounds read vulnerability in the AcroForm handling code of Foxit PDF Reader that can lead to remote code execution. The flaw stems from insufficient validation of user-supplied data, allowing a read past the end of an allocated buffer. Successful exploitation grants arbitrary code execution in the context of the current process. The issue was originally reported as ZDI-CAN-25344 and carries a CVSS 3.0 score of 7.8.

Remote attackers can exploit the vulnerability by convincing a target to open a malicious PDF file or visit a malicious page. No authentication or elevated privileges are required, though user interaction is necessary. The attack runs entirely within the reader's process and can result in full confidentiality, integrity, and availability impact on the affected system.

Foxit has published a security bulletin addressing the issue, and the Zero Day Initiative has released advisory ZDI-24-1737 that includes additional technical details for defenders.

The EPSS score for this CVE rose from a low baseline to a peak of 0.0504 on 2026-02-07 before receding to its current value of 0.0289, indicating that exploitation interest increased after disclosure.

Vulnerability details

Foxit PDF Reader AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of AcroForms. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. This issue was originally tracked as ZDI-CAN-25344.

CWE(s)

CWE-125 (Out-of-bounds Read)

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Foxit PDF Editor: 11.0.0 to 11.2.11.54113, 12.0.0 to 12.1.8.15703, 13.0.0 to 13.1.4.23147
Foxit PDF Reader: 2024.3.0.26795 and earlier

Mitigating Controls

No mitigating controls mapped yet. The per-CVE control annotator has not reached this CVE.

References