CVE-2026-2516
Unidocs · ezPDF DRM Reader / ezPDF Reader
A vulnerability has been identified in Unidocs ezPDF DRM Reader and ezPDF Reader 2, which could allow for unauthorized code execution or data access.
Executive summary
A high-severity vulnerability in Unidocs ezPDF Reader products could allow an attacker to compromise the user's system through a specially crafted PDF document.
Vulnerability
The vulnerability is a flaw in how ezPDF Reader handles specific document structures or DRM components. It carries a CVSS score of 7.0, and an attacker can likely perform unauthorized actions by tricking a user into opening a malicious file.
Business impact
Exploitation of this flaw could lead to the compromise of sensitive documents, unauthorized access to the host system, and the potential for malware installation. For organizations relying on these readers for DRM-protected content, this poses a significant risk to document confidentiality and endpoint security.
Remediation
Immediate Action: Update all installations of ezPDF DRM Reader and ezPDF Reader to the latest patched version provided by Unidocs.
Proactive Monitoring: Monitor for unusual process activity originating from the PDF reader application and use endpoint detection and response (EDR) tools to identify malicious behavior.
Compensating Controls: Implement file-type filtering at the email gateway and advise users against opening PDF documents from untrusted or unknown sources.
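One way to implement the proactive-monitoring step is to triage process-creation events whose parent is the PDF reader. This is an added example, not code from Unidocs or from this advisory. The reader image name is a placeholder because the advisory does not name the binaries, and the child-process lists and sample events (Sysmon-style ParentImage and Image fields) are constructed assumptions.

```python
import json
import ntpath

# ASSUMPTION: placeholder image name. The advisory does not name the reader
# binaries; substitute the ones from your own software inventory.
READER_IMAGES = {"ezpdf_reader_placeholder.exe"}
# Interpreters and loaders a document viewer has no routine reason to start.
SUSPICIOUS_CHILDREN = {"cmd.exe", "powershell.exe", "wscript.exe",
                       "cscript.exe", "mshta.exe", "rundll32.exe"}
# Children seen in normal use (constructed allowlist; tune per environment).
ALLOWED_CHILDREN = {"splwow64.exe"}

def image_name(path):
    # ntpath parses Windows paths correctly on any host OS.
    return ntpath.basename(path or "").lower()

def classify(event):
    """Return 'high', 'review' or None for one process-creation event."""
    if image_name(event.get("ParentImage")) not in READER_IMAGES:
        return None                      # not spawned by the reader
    child = image_name(event.get("Image"))
    if child in SUSPICIOUS_CHILDREN:
        return "high"
    if child in ALLOWED_CHILDREN or child in READER_IMAGES:
        return None
    return "review"                      # unknown child: triage manually

def scan(lines):
    """Return (line_no, severity, child image) for each flagged event."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        try:
            event = json.loads(line)
        except json.JSONDecodeError:
            continue                     # malformed record: skip, keep scanning
        if isinstance(event, dict) and (severity := classify(event)):
            findings.append((line_no, severity, image_name(event.get("Image"))))
    return findings

READER = r"C:\\Program Files\\Vendor\\ezpdf_reader_placeholder.exe"
# Constructed sample events using Sysmon-style field names (not real telemetry).
SAMPLE_EVENTS = [
    r'{"ParentImage": "C:\\Windows\\explorer.exe", "Image": "%s"}' % READER,
    r'{"ParentImage": "%s", "Image": "C:\\Windows\\System32\\cmd.exe"}' % READER,
    r'{"ParentImage": "%s", "Image": "C:\\Windows\\splwow64.exe"}' % READER,
    r'{"ParentImage": "%s", "Image": "C:\\Users\\a\\AppData\\Local\\Temp\\x.exe"}' % READER,
    "truncated {",
]
```

Calling scan(SAMPLE_EVENTS) flags the second event as high and the fourth as review; the reader being launched by explorer.exe, the allowlisted child and the malformed record produce no finding.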
Exploitation status
Public Exploit Available: false
Analyst recommendation
The high severity of this vulnerability requires timely patching of all affected software. Administrators should ensure that the primary remediation is applied across all endpoints to mitigate the risk of a successful document-based attack.