Multiple vulnerabilities in UPDF
Posted date 10/09/2025
Identifier
INCIBE-2025-0491
Importance
4 - High
Affected Resources
- UPDF, version 1.8.5.0.
Description
INCIBE has coordinated the publication of three high-severity vulnerabilities affecting UPDF, a PDF editor. The vulnerabilities were discovered by Alexander Huaman Jaimes.
The identifiers, CVSS v4.0 base score, CVSS vector, and CWE vulnerability type assigned to these vulnerabilities are as follows:
- CVE-2025-10213 to CVE-2025-10215: CVSS v4.0: 7 | CVSS AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N | CWE-427
Solution
No solution has been reported at this time.
Detail
A DLL search path hijacking vulnerability in the UPDF.exe executable for Windows, version 1.8.5.0, allows attackers with local access to place a DLL file of their choice, which could lead to arbitrary code execution and persistence. The DLL files, directories, and assigned identifiers correspond as follows:
- CVE-2025-10213: dxtn.dll file in the 'C:\Users\<user>\AppData\Local\Microsoft\WindowsApps\' directory.
- CVE-2025-10214: FREngine.dll file in the 'C:\Users\<user>\AppData\Local\UPDF\FREngine\Bin64\' directory.
- CVE-2025-10215: FREngine.dll file in the 'C:\Users\Public\AppData\Local\UPDF\FREngine\Bin64\' directory.
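Since no fix has been reported, the three locations above can be audited on a host. The following PowerShell is an added example, not code from INCIBE or UPDF; it assumes user profiles live under C:\Users, and the function name Get-UpdfDllFinding is hypothetical. The advisory does not say whether a legitimate copy is expected at these paths, so the output (signature status, signer, owner, creation time) is for review rather than a verdict.

```powershell
# Added example: list any DLL present at the paths named in the advisory.
# Run elevated so that other users' profiles can be read.

# DLL name and profile-relative directory per CVE, as listed in the advisory.
$Targets = @(
    [pscustomobject]@{ Cve = 'CVE-2025-10213'; Dll = 'dxtn.dll';     RelDir = 'AppData\Local\Microsoft\WindowsApps'; PublicOnly = $false }
    [pscustomobject]@{ Cve = 'CVE-2025-10214'; Dll = 'FREngine.dll'; RelDir = 'AppData\Local\UPDF\FREngine\Bin64';   PublicOnly = $false }
    [pscustomobject]@{ Cve = 'CVE-2025-10215'; Dll = 'FREngine.dll'; RelDir = 'AppData\Local\UPDF\FREngine\Bin64';   PublicOnly = $true }
)

function Get-UpdfDllFinding {
    param(
        # Assumption: profile root; change if profiles were relocated.
        [string]$ProfileRoot = 'C:\Users'
    )
    $profiles = Get-ChildItem -LiteralPath $ProfileRoot -Directory -Force -ErrorAction SilentlyContinue
    foreach ($t in $Targets) {
        # <user> entries cover every profile except Public; Public has its own CVE.
        $scope = if ($t.PublicOnly) { $profiles | Where-Object Name -eq 'Public' }
                 else               { $profiles | Where-Object Name -ne 'Public' }
        foreach ($p in $scope) {
            $file = Join-Path (Join-Path $p.FullName $t.RelDir) $t.Dll
            if (-not (Test-Path -LiteralPath $file -PathType Leaf)) { continue }

            $item = Get-Item -LiteralPath $file -Force
            $sig  = Get-AuthenticodeSignature -LiteralPath $file
            [pscustomobject]@{
                Cve        = $t.Cve
                Path       = $file
                CreatedUtc = $item.CreationTimeUtc
                SHA256     = (Get-FileHash -LiteralPath $file -Algorithm SHA256).Hash
                Signature  = $sig.Status                      # Valid, NotSigned, HashMismatch, ...
                Signer     = $sig.SignerCertificate.Subject   # empty when unsigned
                Owner      = (Get-Acl -LiteralPath $file).Owner
            }
        }
    }
}

# Print one record per DLL found; no output means none of the paths hold a file.
Get-UpdfDllFinding | Format-List
```

An unsigned file, an unexpected signer, or an owner other than the profile's user or an installer account is the kind of result to follow up on.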
CVE
Exploitation
No
References list
Tags