CVE-2020-17424

Vulnerability

This vulnerability exists in Foxit Studio Photo version 3.6.6.922. The flaw occurs during the parsing of EZI files. The software fails to properly validate user-supplied data, leading to a write past the end of an allocated structure (an out-of-bounds write). The code path is reachable when a user opens a malicious EZI file or visits a webpage that triggers the download and opening of such a file [2].

Exploitation

An attacker must deliver a specially crafted EZI file to the target and convince the user to open it. No additional privileges or network position beyond the initial delivery vector (e.g., email link, social engineering, or hosting on a website) is required. The user interaction is limited to opening the malicious file; the exploit proceeds automatically upon parsing, triggering the out-of-bounds write [2].

Impact

Successful exploitation allows an attacker to execute arbitrary code in the context of the current Foxit Studio Photo process. This can lead to full compromise of the affected system, including unauthorized read, write, and modification of data, as well as potential further lateral movement depending on the environment. The CVSS v3 score is 7.8 (High) with vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [2].

Mitigation

Foxit Software has not published a specific advisory for this CVE on their security bulletins page as of the last update [1]. The vulnerability was disclosed by Zero Day Initiative on October 28, 2020 [2]. Users should apply the latest version of Foxit Studio Photo from the vendor's official website when a patch becomes available. As of the publication date (February 9, 2021), no fix is documented in the provided references [1][2].