CVE-2024-30350 is a security vulnerability identified in Foxit PDF Reader version 2023.3.0.23028, specifically involving an out-of-bounds read (CWE-125) in the processing of Annotation objects within PDF files. The vulnerability arises due to insufficient validation of user-supplied data, which leads the software to read memory beyond the allocated buffer boundaries. This memory disclosure can leak sensitive information from the process memory space. The attack vector requires user interaction, such as opening a maliciously crafted PDF or visiting a malicious webpage that triggers the vulnerability. Although the direct impact is limited to information disclosure, the vulnerability can be leveraged in combination with other security flaws to execute arbitrary code within the context of the Foxit PDF Reader process. The CVSS v3.0 base score is 3.3, reflecting low severity primarily because exploitation requires user interaction and the impact on confidentiality is limited, with no direct integrity or availability impact. No patches or fixes have been publicly linked yet, and no known exploits are reported in the wild. The vulnerability was reported by the Zero Day Initiative (ZDI) under the identifier ZDI-CAN-22708 and publicly disclosed on April 2, 2024.

The primary impact of CVE-2024-30350 is the potential disclosure of sensitive information from the memory space of the Foxit PDF Reader process. This could include data such as user credentials, session tokens, or other confidential information present in memory at the time of exploitation. Although the vulnerability itself does not allow direct code execution or system compromise, it lowers the barrier for attackers to chain this flaw with other vulnerabilities to achieve full system compromise. Organizations relying on Foxit PDF Reader for document handling may face risks of data leakage, especially if users open untrusted PDFs. The requirement for user interaction limits large-scale automated exploitation, but targeted attacks against high-value individuals or organizations remain a concern. The absence of known exploits in the wild reduces immediate risk, but the vulnerability's presence in a widely used PDF reader means it could be weaponized in the future. Overall, the impact is low to moderate depending on the context and presence of other exploitable vulnerabilities.

1. Monitor Foxit Software announcements closely and apply security patches promptly once available for the affected version 2023.3.0.23028. 2. Until patches are released, restrict the use of Foxit PDF Reader to trusted documents only and educate users about the risks of opening PDFs from unknown or untrusted sources. 3. Employ application whitelisting and sandboxing techniques to limit the ability of Foxit PDF Reader to access sensitive system resources or escalate privileges if exploited. 4. Use endpoint detection and response (EDR) tools to monitor for unusual behavior or memory access patterns indicative of exploitation attempts. 5. Consider deploying network-level protections such as email filtering and web proxy controls to block malicious PDFs and URLs. 6. Review and harden security policies around document handling workflows, especially in high-risk environments. 7. Conduct regular security awareness training emphasizing the dangers of opening unsolicited attachments or links. 8. If possible, use alternative PDF readers with a better security track record until this vulnerability is resolved.