Concise Cyber

Cisco Talos Discloses Foxit PDF Editor, Epic Games Store, and MedDream PACS Vulnerabilities

Cisco Talos’ Vulnerability Discovery & Research team has disclosed a set of patched vulnerabilities affecting Foxit PDF Editor, Epic Games Store, and MedDream PACS. According to Talos, the issues were reported under Cisco’s third-party vulnerability disclosure policy and have been addressed by the respective vendors. The findings include privilege escalation flaws, use-after-free conditions, and a large set of reflected cross-site scripting issues.

Foxit PDF Editor: privilege escalation and use-after-free issues

Talos identified three vulnerabilities in Foxit PDF Editor. One of them, TALOS-2025-2275, tracked as CVE-2025-57779, is a privilege escalation issue affecting installation of Foxit PDF Editor via the Microsoft Store. Talos said a low-privilege user can replace files during the installation process, which may result in elevation of privileges.

The other two Foxit findings are use-after-free vulnerabilities in Foxit Reader. TALOS-2025-2277, CVE-2025-58085, affects the way Foxit Reader handles a Barcode field object. TALOS-2025-2278, CVE-2025-59488, affects the way Foxit Reader handles a Text Widget field object. Talos said specially crafted JavaScript code inside a malicious PDF document can trigger these issues, potentially leading to memory corruption and arbitrary code execution. A user would need to be tricked into opening the malicious file, and exploitation is also possible if a user visits a specially crafted malicious site when the browser plugin extension is enabled.

Epic Games Store: local privilege escalation during installation

Talos also disclosed TALOS-2025-2279, CVE-2025-61973, a local privilege escalation vulnerability in the installation of Epic Games Store via the Microsoft Store. Epic Games Store is described by Talos as a storefront application for purchasing and accessing video games.

In this case, Talos said a low-privilege user can replace a DLL file during the installation process, which may result in elevation of privileges. Talos' summary describes no exploitation prerequisites beyond that installation-stage file replacement.

MedDream PACS: 21 reflected XSS vulnerabilities

The third part of the disclosure covers MedDream PACS Premium 7.3.6.870. Talos said it found 21 reflected cross-site scripting vulnerabilities across several functions of the product. MedDream PACS is a medical imaging system for archiving and communicating DICOM 3.0-compliant images.

According to Talos, an attacker can provide a specially crafted URL to trigger these vulnerabilities, which can lead to arbitrary JavaScript code execution. The root cause for each affected function was not described beyond the reflected XSS behavior itself.

  • TALOS-2025-2253 (CVE-2025-54817): autoPurge functionality
  • TALOS-2025-2254 (CVE-2025-53516): downloadZip functionality
  • TALOS-2025-2255 (CVE-2025-54495): emailfailedjob functionality
  • TALOS-2025-2256 (CVE-2025-54157): encapsulatedDoc functionality
  • TALOS-2025-2257 (CVE-2025-54778): existingUser functionality
  • TALOS-2025-2258 (CVE-2025-46270): fetchPriorStudies functionality
  • TALOS-2025-2259 (CVE-2025-55071): modifyAnonymize functionality
  • TALOS-2025-2260 (CVE-2025-54852): modifyAeTitle functionality
  • TALOS-2025-2261 (CVE-2025-54814): modifyAutopurgeFilter functionality
  • TALOS-2025-2262 (CVE-2025-54861): modifyCoercion functionality
  • TALOS-2025-2263 (CVE-2025-57881): modifyEmail functionality
  • TALOS-2025-2264 (CVE-2025-58080): modifyHL7App functionality
  • TALOS-2025-2265 (CVE-2025-53854): modifyHL7Route functionality
  • TALOS-2025-2266 (CVE-2025-57787): modifyRoute functionality
  • TALOS-2025-2267 (CVE-2025-53707): modifyTranscript functionality
  • TALOS-2025-2268 (CVE-2025-54853): modifyUser functionality
  • TALOS-2025-2269 (CVE-2025-57786): notifynewstudy functionality
  • TALOS-2025-2270 (CVE-2025-44000): sendOruReport functionality
  • TALOS-2025-2271 (CVE-2025-58087 through CVE-2025-58095): config.php functionality
  • TALOS-2025-2272 (CVE-2025-36556): ldapUser functionality
  • TALOS-2025-2273 (CVE-2025-53912): encapsulatedDoc functionality
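The list above says only that a crafted URL reaches each function and is reflected back. As an added illustration (this is not MedDream PACS code and not from the Talos advisories), the Python below shows the underlying pattern: a handler that echoes a query parameter into HTML unescaped, a half-fix that escapes only angle brackets and so stays injectable in an attribute context, the properly escaped form, and a canary probe of the kind a tester would run against each listed function to see which dangerous characters come back verbatim. The endpoint URL, the parameter name `aetitle` and the HTML templates are assumptions made for the demo.

```python
"""Reflected XSS: constructed vulnerable/hardened handlers plus a canary probe.

Illustrative example only (not MedDream PACS code). The parameter name
"aetitle", the endpoint URL and the page templates are assumptions.
"""
import html
from urllib.parse import parse_qs, urlencode, urlsplit

# Marker + the characters that must be neutralised in text and attribute
# contexts + marker. The markers let the probe isolate the reflected value.
MARK = "zq7"
DANGEROUS = '<"\'>'
CANARY = MARK + DANGEROUS + MARK


def _param(query_string: str, name: str) -> str:
    return parse_qs(query_string, keep_blank_values=True).get(name, [""])[0]


def render_vulnerable(query_string: str) -> str:
    """Reflects the parameter straight into HTML: classic reflected XSS."""
    value = _param(query_string, "aetitle")
    return f'<p>AE Title: {value}</p><input name="aetitle" value="{value}">'


def render_half_fixed(query_string: str) -> str:
    """Escapes only & < > (quote=False). The attribute context is still
    injectable: a double quote in the value closes the value="..." attribute."""
    value = html.escape(_param(query_string, "aetitle"), quote=False)
    return f'<p>AE Title: {value}</p><input name="aetitle" value="{value}">'


def render_hardened(query_string: str) -> str:
    """Escapes & < > " and ' so the value is inert in both contexts."""
    value = html.escape(_param(query_string, "aetitle"), quote=True)
    return f'<p>AE Title: {value}</p><input name="aetitle" value="{value}">'


def local_fetch(render):
    """Adapter turning a local render(query_string) function into fetch(url),
    so the probe below runs offline. In an assessment, fetch would be an HTTP
    client returning the response body."""
    return lambda url: render(urlsplit(url).query)


def probe(fetch, base_url: str, param: str) -> dict:
    """Request base_url?param=CANARY and report whether the value is reflected
    and which dangerous characters survived unescaped between the markers."""
    url = f"{base_url}?{urlencode({param: CANARY})}"
    body = fetch(url)
    start = body.find(MARK)
    end = body.find(MARK, start + len(MARK)) if start >= 0 else -1
    if start < 0 or end < 0:
        return {"reflected": False, "unescaped": ""}
    middle = body[start + len(MARK):end]
    return {"reflected": True,
            "unescaped": "".join(c for c in DANGEROUS if c in middle)}


if __name__ == "__main__":
    # Hypothetical endpoint; the path and host are not from the advisories.
    target = "http://pacs.example/endpoint"
    for name, render in [("vulnerable", render_vulnerable),
                         ("half_fixed", render_half_fixed),
                         ("hardened", render_hardened)]:
        print(name, probe(local_fetch(render), target, "aetitle"))
```

The probe deliberately reports per-character survival rather than a boolean: a handler that strips `<` but leaves `"` intact is still exploitable wherever the value lands inside an attribute, which is why output encoding has to match the HTML context it is written into.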

What the disclosure means for users

Talos said all of the vulnerabilities mentioned in the blog post have been patched by their respective vendors. The company also noted that Snort coverage capable of detecting exploitation can be obtained by downloading the latest rule sets from Snort.org, and that its latest vulnerability advisories are posted on the Talos Intelligence website.

For affected organizations and users, the key takeaway is straightforward: these issues involve software used in common desktop, gaming, and medical-imaging workflows, and the disclosed vulnerabilities include both privilege escalation and code-execution risks. Fixes are already available from the vendors, so applying the updated releases is the immediate action.

Conclusion

Cisco Talos’ latest disclosure highlights patched vulnerabilities across Foxit PDF Editor, Epic Games Store, and MedDream PACS. The reported issues range from installation-time privilege escalation to use-after-free and reflected XSS flaws. Based on the source information, the vendors have already patched the vulnerabilities, and Talos has provided detection guidance through Snort rule updates.

All articles are written here with the help of AI on the basis of openly available information which cannot be independently verified. We do strive to quote the relevant sources. The intent is only to summarise what is already reported in public forums in our own words, with no intention to plagiarise or copy other persons' work. The publisher has no intent to defame or cause offence to anyone, any person or any organisation at any moment. The publisher assumes no responsibility for any damage or loss caused by making decisions on the basis of whatever is published on cyberconcise.com. You're advised to do your own checks and balances before making any decision, and owners and publishers at cyberconcise.com cannot be held accountable for its resulting ramifications. If you have any objections, concerns or want to point out anything factually incorrect, please reach out using the form on https://concisecyber.com/about/
