Full Report
Cisco Talos’ Vulnerability Discovery & Research team recently disclosed three vulnerabilities in Foxit PDF Editor, one in the Epic Games Store, and twenty-one in MedDream PACS. The vulnerabilities mentioned in this blog post have been patched by their respective vendors, all in adherence to Cisco’s third-party vulnerability
Analysis Summary
This summary covers the vulnerabilities disclosed by Cisco Talos in Foxit PDF Editor, Epic Games Store, and MedDream PACS. All listed vulnerabilities have been patched by their respective vendors.
***
# Vulnerability: Foxit PDF Editor Privilege Escalation (TALOS-2025-2275)
## CVE Details
- CVE ID: CVE-2025-57779
- CVSS Score: Not explicitly provided, but implied High given privilege escalation class. (Severity: Not explicitly provided)
## Affected Systems
- Products: Foxit PDF Editor (via the Microsoft Store installation)
- Versions: Not specified, assumed to be versions prior to the patch.
- Configurations: Specific to the installation process packaging via the Microsoft Store.
## Vulnerability Description
A privilege escalation vulnerability exists in the installation process of Foxit PDF Editor when installed via the Microsoft Store. A low-privilege user can exploit this by replacing files during installation, leading to an elevation of privileges.
## Exploitation
- Status: Not explicitly stated, but patched.
- Complexity: Low-privilege user required.
- Attack Vector: Local (during installation).
## Impact
- Confidentiality: Increased privileges may lead to data access.
- Integrity: Attacker can modify system state/files.
- Availability: Potential impact depending on the extent of privilege escalation.
## Remediation
### Patches
Vendor patch available (implied by disclosure adherence).
### Workarounds
None specified.
## Detection
No specific IoCs provided in the summary. Download the latest Snort rules from snort.org for potential coverage.
## References
- Vendor Advisory: (Implied by adherence to third-party disclosure policy)
- Security Advisory: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2275
***
# Vulnerability: Foxit Reader Use-After-Free (TALOS-2025-2277 & TALOS-2025-2278)
## CVE Details
- CVE ID: CVE-2025-58085 (TALOS-2025-2277)
- CVE ID: CVE-2025-59488 (TALOS-2025-2278)
- CVSS Score: Not explicitly provided. (Severity: Not explicitly provided)
## Affected Systems
- Products: Foxit Reader
- Versions: Not specified, assumed to be versions prior to the patch.
- Configurations: Handling of Barcode field objects (2277) and Text Widget field objects (2278) via maliciously crafted PDF documents.
## Vulnerability Description
Two use-after-free vulnerabilities exist in Foxit Reader. These are triggered when processing a specially crafted PDF document containing malicious JavaScript that references Barcode field objects or Text Widget field objects. This results in memory corruption, leading to arbitrary code execution.
## Exploitation
- Status: Not explicitly stated, but patched.
- Complexity: Requires user interaction (opening malicious file) or visiting a malicious site if the browser plugin is enabled.
- Attack Vector: Network (via file or malicious website).
## Impact
- Confidentiality: High (Arbitrary Code Execution).
- Integrity: High (Arbitrary Code Execution).
- Availability: High (System compromise).
## Remediation
### Patches
Vendor patches available for both CVEs.
### Workarounds
None specified.
## Detection
No specific IoCs provided in the summary. Download the latest Snort rules from snort.org for potential coverage.
## References
- Security Advisory 1: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2277
- Security Advisory 2: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2278
***
# Vulnerability: Epic Games Store Local Privilege Escalation (TALOS-2025-2279)
## CVE Details
- CVE ID: CVE-2025-61973
- CVSS Score: Not explicitly provided, but implied High. (Severity: Not explicitly provided)
## Affected Systems
- Products: Epic Games Store (via the Microsoft Store installation)
- Versions: Not specified, assumed to be versions prior to the patch.
- Configurations: Specific to the installation process packaging via the Microsoft Store.
## Vulnerability Description
A local privilege escalation vulnerability exists in the installation routine of the Epic Games Store when installed via the Microsoft Store. A low-privilege user can replace a Dynamic Link Library (DLL) file during installation, allowing for privilege elevation.
## Exploitation
- Status: Not explicitly stated, but patched.
- Complexity: Low-privilege user required.
- Attack Vector: Local (during installation).
## Impact
- Confidentiality: Increased privileges may lead to data access.
- Integrity: Attacker can modify system state/files.
- Availability: Potential impact depending on the extent of privilege escalation.
## Remediation
### Patches
Vendor patch available (implied).
### Workarounds
None specified.
## Detection
No specific IoCs provided in the summary. Download the latest Snort rules from snort.org for potential coverage.
## References
- Security Advisory: https://talosintelligence.com/vulnerability_reports/TALOS-2025-2279
***
# Vulnerability: MedDream PACS Reflected Cross-Site Scripting (21 Flaws)
## CVE Details
- CVE IDs: A total of 21 vulnerabilities, starting from CVE-2025-54817 up to CVE-2025-58095 (including CVE-2025-36556 for LDAP user functionality).
- CVSS Score: Not explicitly provided for individual entries. (Severity: Not explicitly provided)
## Affected Systems
- Products: MedDream PACS Premium
- Versions: 7.3.6.870
- Configurations: Various application functions triggered via specially crafted URLs.
## Vulnerability Description
Twenty-one reflected Cross-Site Scripting (XSS) vulnerabilities were found across several functionalities within MedDream PACS Premium 7.3.6.870. An attacker can exploit these by tricking an authenticated user into clicking a malicious URL, leading to the execution of arbitrary JavaScript code in the context of the user's session.
**Affected Functionalities (Examples):**
* `autoPurge` functionality (CVE-2025-54817)
* `downloadZip` functionality (CVE-2025-53516)
* `modifyUser` functionality (CVE-2025-54853)
* `config.php` functionality (CVE-2025-58087 to CVE-2025-58095, covering multiple CVEs)
## Exploitation
- Status: Not explicitly stated, but patched.
- Complexity: Requires sending a crafted URL to a victim.
- Attack Vector: Network (requires user interaction with the URL).
## Impact
- Confidentiality: Session hijacking, information disclosure.
- Integrity: User actions performed under the victim's session.
- Availability: Low to Medium.
## Remediation
### Patches
Vendor patches available for all 21 CVEs in versions newer than 7.3.6.870.
### Workarounds
None specified.
## Detection
No specific IoCs provided, but detection should focus on unusual or malicious parameters passed in HTTP requests to the listed MedDream functions. Download the latest Snort rules from snort.org for potential coverage.
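The detection idea above, as an added example (not from Talos or MedDream): it flags access-log requests that name one of the listed functions and carry markup in a query parameter once nested URL encoding is undone. The log lines, URL paths and parameter names are constructed; the summary gives only the function names, so matching them anywhere in the request target is an assumption.

```python
import re
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Function names come from the summary above. How they appear in real MedDream
# URLs is an assumption, so they are matched anywhere in the request target.
WATCHED = ("autopurge", "downloadzip", "modifyuser", "config.php")
# Markup an ordinary parameter value should not carry: tag and attribute
# delimiters, script URLs, inline event handlers.
SUSPICIOUS = re.compile(r'[<>"]|javascript:|\bon\w+\s*=', re.IGNORECASE)
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

SAMPLE_LOG = [  # constructed lines; paths and parameter names are made up
    '10.0.0.5 - - [01/Jan/2026:10:00:00 +0000] "GET /app/config.php?tab=general HTTP/1.1" 200 512',
    '10.0.0.9 - - [01/Jan/2026:10:00:05 +0000] "GET /app/config.php?tab=%3Cscript%3E HTTP/1.1" 200 530',
    '10.0.0.9 - - [01/Jan/2026:10:00:09 +0000] "GET /app/downloadZip?id=%253Cimg%2520src%253Dx%253E HTTP/1.1" 200 498',
    '10.0.0.7 - - [01/Jan/2026:10:00:12 +0000] "GET /other.php?q=%3Cb%3E HTTP/1.1" 200 100',
]


def fully_decode(value, rounds=3):
    """Undo nested percent-encoding, e.g. %253C -> %3C -> <."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def suspicious_params(log_line):
    """Return [(param, decoded_value)] for markup-bearing parameters."""
    match = REQUEST.search(log_line)
    if not match or not any(n in match.group(1).lower() for n in WATCHED):
        return []
    query = urlsplit(match.group(1)).query
    hits = []
    for key, value in parse_qsl(query, keep_blank_values=True):
        decoded = fully_decode(value)  # parse_qsl already decoded one layer
        if SUSPICIOUS.search(decoded) or SUSPICIOUS.search(fully_decode(key)):
            hits.append((key, decoded))
    return hits


def scan(lines):
    """Map line index -> hits, keeping only lines that raised something."""
    return {i: h for i, line in enumerate(lines) if (h := suspicious_params(line))}


if __name__ == "__main__":
    for index, hits in scan(SAMPLE_LOG).items():
        print(index, hits)
```

Access logs record only the query string, so parameters sent in a POST body need the same check at a proxy or WAF.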
## References
- Talos Advisories (Range): TALOS-2025-2253 to TALOS-2025-2273
- General Advisory: Located on Talos Intelligence’s website (https://talosintelligence.com/vulnerability_reports).