How severe is CVE-2023-27363?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2023-27363?

This is classified as CWE-749, which is a common weakness in software security.

CVE-2023-27363 - HIGH Severity | CVSS 7.8

Vulnerability Description

Foxit PDF Reader exportXFAData Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the exportXFAData method. The application exposes a JavaScript interface that allows writing arbitrary files. An attacker can leverage this vulnerability to execute code in the context of the current user. Was ZDI-CAN-19697.

Related Vulnerabilities

CVE-2018-19322

HIGH

CVSS:7.8(High)

The GPCIDrv and GDrv low-level drivers in GIGABYTE APP Center v1.05.21 and earlier, AORUS GRAPHICS ENGINE before 1.57, XTREME GAMING ENGINE before 1.26, and OC GURU II v2.08 expose functionality to re...

CWE-7492018

CVE-2020-12927

HIGH

CVSS:7.8(High)

A potential vulnerability in a dynamically loaded AMD driver in AMD VBIOS Flash Tool SDK may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2020-12928

HIGH

CVSS:7.8(High)

A vulnerability in a dynamically loaded AMD driver in AMD Ryzen Master V15 may allow any authenticated user to escalate privileges to NT authority system.

CWE-7492020

CVE-2022-37365

HIGH

CVSS:7.8(High)

This vulnerability allows remote attackers to execute arbitrary code on affected installations of PDF-XChange Editor. User interaction is required to exploit this vulnerability in that the target must...

CWE-7492022

CVE-2023-27364

HIGH

CVSS:7.8(High)

Foxit PDF Editor XLS File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit ...

CWE-7492023

CVE-2023-27365

HIGH

CVSS:7.8(High)

Foxit PDF Editor DOC File Parsing Exposed Dangerous Method Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit ...

CWE-7492023