CVE-2025-59802
Dec. 18, 2025, 9:31 p.m.
7.5
High
Description
Foxit PDF Editor and Reader before 2025.2.1 allow signature spoofing via OCG. When Optional Content Groups (OCG) are supported, the state property of an OCG is runtime-only and not included in the digital signature computation buffer. An attacker can leverage JavaScript or PDF triggers to dynamically change the visibility of OCG content after signing (Post-Sign), allowing the visual content of a signed PDF to be modified without invalidating the signature. This may result in a mismatch between the signed content and what the signer or verifier sees, undermining the trustworthiness of the digital signature. The fixed versions are 2025.2.1, 14.0.1, and 13.2.1.
Product(s) Impacted
| Vendor | Product | Versions |
|---|---|---|
| Foxit |
|
|
| Apple |
|
|
| Microsoft |
|
|
Weaknesses
Common security weaknesses mapped to this vulnerability.
CWE-290
Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
*CPE(s)
Affected systems and software identified for this CVE.
| Type | Vendor | Product | Version | Update | Edition | Language | Software Edition | Target Software | Target Hardware | Other Information |
|---|---|---|---|---|---|---|---|---|---|---|
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 14.0.0.68868 | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 2025.1.0.66692 | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 2025.2.0.68868 | / | / | / | / | / | / | / |
| a | foxit | pdf_reader | / | / | / | / | / | / | / | / |
| o | apple | macos | - | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | / | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 14.0.0.33046 | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 2025.1.0.27937 | / | / | / | / | / | / | / |
| a | foxit | pdf_editor | 2025.2.0.33046 | / | / | / | / | / | / | / |
| a | foxit | pdf_reader | / | / | / | / | / | / | / | / |
| o | microsoft | windows | - | / | / | / | / | / | / | / |
Tags
CVSS Score
CVSS Data - 3.1
- Attack Vector: NETWORK
- Attack Complexity: LOW
- Privileges Required: NONE
- Scope: UNCHANGED
- Confidentiality Impact: NONE
- Integrity Impact: HIGH
- Availability Impact: NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Timeline
Published: Dec. 11, 2025, 4:16 p.m.
Last Modified: Dec. 18, 2025, 9:31 p.m.
Last Modified: Dec. 18, 2025, 9:31 p.m.
Status : Analyzed
CVE has had analysis completed and all data associations made.
More infoSource
cve@mitre.org
*Disclaimer: Some vulnerabilities do not have an associated CPE. To enhance the data, we use AI to infer CPEs based on CVE details. This is an automated process and might not always be accurate.