Vulnerability Details CVE-2020-26540
An issue was discovered in Foxit Reader and PhantomPDF before 4.1 on macOS. Because the Hardened Runtime protection mechanism is not applied to code signing, code injection (or an information leak) can occur.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.4%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
Products affected by CVE-2020-26540
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:2.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.0.0111
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.0.0824
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.1.0901
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.2.1013
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.2.1030
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.1.4.1125
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2.0.0303
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.2.1.0401
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.0.0430
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1
-
cpe:2.3:a:foxitsoftware:foxit_reader:3.3.1.0520
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.0
-
cpe:2.3:a:foxitsoftware:foxit_reader:4.0.0.0619
-
cpe:2.3:a:foxitsoftware:phantompdf:1.0.2
-
cpe:2.3:a:foxitsoftware:phantompdf:2.0
-
cpe:2.3:a:foxitsoftware:phantompdf:2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.1.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2.1
-
cpe:2.3:a:foxitsoftware:phantompdf:2.2.3
-
cpe:2.3:a:foxitsoftware:phantompdf:3.0.1
-
cpe:2.3:a:foxitsoftware:phantompdf:3.3
-
cpe:2.3:a:foxitsoftware:phantompdf:3.4
-
cpe:2.3:a:foxitsoftware:phantompdf:4.0
-
cpe:2.3:o:apple:macos:-