Foxit PDF Editor, Epic Games Store, and MedDream PACS Face Serious Vulnerabilities
Recent findings from Cisco Talos’ Vulnerability Discovery & Research team revealed several critical vulnerabilities across multiple platforms, including Foxit PDF Editor, Epic Games Store, and MedDream PACS. Each of these vulnerabilities has been addressed by the respective vendors.
Cisco Talos identified three vulnerabilities in Foxit PDF Editor, specifically impacting its installation via the Microsoft Store. TALOS-2025-2275 (CVE-2025-57779) allows a low-privilege user to exploit the installation process to gain elevated privileges. Additionally, two use-after-free vulnerabilities were discovered: TALOS-2025-2277 (CVE-2025-58085) and TALOS-2025-59488 (CVE-2025-59488), which can be triggered by JavaScript payloads in malicious PDFs. These vulnerabilities expose users to potential memory corruption and arbitrary code execution.
In the Epic Games Store, the TALOS-2025-2279 (CVE-2025-61973) vulnerability also permits local privilege escalation by allowing a low-privilege user to replace a DLL file during installation. This flaw similarly poses significant security risks within the software installation process.
MedDream PACS was found to have 21 reflected cross-site scripting (XSS) vulnerabilities, affecting version 7.3.6.870. Discovered by Marcin “Icewall” Noga, these vulnerabilities enable attackers to execute arbitrary JavaScript code through specially crafted URLs, thereby compromising user data and security.
These vulnerabilities matter because they can lead to unauthorized access and endanger sensitive information, particularly in environments like healthcare and gaming. Defenders must prioritize applying the vendor patches and implement network monitoring strategies to reduce the risk of exploitation.
Utilizing threat intelligence, SIEMs, firewalls, and regular vulnerability scans can enhance an organization’s security posture against such weaknesses.
Indicators of Compromise (IOCs):
- CVEs:
  - CVE-2025-57779
  - CVE-2025-58085
  - CVE-2025-59488
  - CVE-2025-61973
- Affected Product:
  - Foxit PDF Editor (via Microsoft Store)
  - Epic Games Store (via Microsoft Store)
  - MedDream PACS Premium 7.3.6.870



