CVE-2020-17404
Description
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Studio Photo 3.6.6.922. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-11191.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Foxit Studio Photo 3.6.6.922 contains an out-of-bounds write vulnerability in PSD file parsing, allowing remote code execution via a malicious file.
Vulnerability
This vulnerability resides in Foxit Studio Photo version 3.6.6.922. The specific flaw exists within the handling of PSD files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated structure. No special configuration is required; the affected code path is reachable when any user opens a crafted PSD file. Affected version: Foxit Studio Photo 3.6.6.922 [1][2].
Exploitation
An attacker must convince the target user to visit a malicious page or open a malicious PSD file. User interaction is required [2]. No authentication or special network position is needed, as the attack can be delivered via a website or email attachment. The out-of-bounds write occurs during parsing of the malformed PSD data, which can be triggered by simply opening the file in the application [2].
Impact
Successful exploitation allows the attacker to execute arbitrary code in the context of the current process. This can lead to full compromise of the affected system, including disclosure, modification, or destruction of data, and further propagation. The CVSS v3.1 score is 7.8 (High) [2].
Mitigation
According to the available references, Foxit Studio Photo is a legacy product and no specific patch for this CVE is mentioned. The Foxit security bulletin (reference [1]) primarily covers Foxit PDF Reader and Foxit PDF Editor; no update for Studio Photo is listed. Users should consider upgrading to a supported product if one is available, or avoid opening PSD files from untrusted sources. The ZDI advisory notes that Foxit was notified, but no coordinated fix release is documented [2].
AI Insight generated on May 27, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
- Range: =3.6.6.922
- Foxit / Studio Photo, range: 3.6.6.922
Patches
No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
- [1] www.foxitsoftware.com/support/security-bulletins.html
- [2] www.zerodayinitiative.com/advisories/ZDI-20-1079/
News mentions
No linked articles in our index yet.