CVE-2026-55408
koodo-reader · koodo-reader
Koodo Reader is susceptible to a code injection vulnerability, which can be triggered when a user opens a malicious file, leading to potential arbitrary code execution.
Executive summary
A high-severity code injection vulnerability in Koodo Reader allows attackers to execute arbitrary code on the host system if a user interacts with a specially crafted file.
Vulnerability
This is a code injection vulnerability (CWE-94) where the application improperly processes input files. The vulnerability requires user interaction, where an attacker must trick a user into opening a malicious file with the application.
Business impact
If exploited, this vulnerability could allow an attacker to gain execution capabilities within the context of the user running the application. This could lead to unauthorized access to personal files, installation of malware, or further compromise of the workstation. With a CVSS score of 8.4, the risk is substantial for any environment where Koodo Reader is utilized for processing untrusted or externally sourced ebook files.
Remediation
Immediate Action: Update Koodo Reader to version 2.3.1 or later to mitigate the code injection risk.
Proactive Monitoring: Monitor for unexpected application crashes or anomalous process behavior when opening documents.
Compensating Controls: Employ endpoint security solutions to scan downloaded files for malicious content before they are opened in the reader application.
Exploitation status
Public Exploit Available: false
Analyst recommendation
Users should immediately update to the patched version of Koodo Reader. It is essential to exercise caution when handling files from untrusted sources to prevent the triggering of this vulnerability while the update is being deployed.