#USA #Fremont #Security #Foxit #CVE

Foxit Authorized as a CVE Numbering Authority

FREMONT, Calif., Oct. 29, 2025 – Foxit, a leading global provider of PDF and document productivity solutions, has recently received official recognition as a CVE Numbering Authority (CNA) by the Common Vulnerabilities and Exposures (CVE) Program. This milestone in the company's journey empowers Foxit to assign CVE Identifiers (IDs) and publish CVE Records for security vulnerabilities found within its range of products. This change significantly enhances the transparency and efficiency of vulnerability disclosure across its global client base, which includes enterprises and governmental agencies.

Taking Control of Vulnerability Management

With this CNA status, Foxit is positioning itself to take a proactive stance in the long-term management of product security. This designation fosters a commitment to upholding global standards in vulnerability detection, demonstrating Foxit's dedication to addressing security challenges head-on. Derek O'Neill, the Director of Data Privacy and Information Security at Foxit, emphasized the impact of this recognition by stating, "Becoming a CNA is a crucial step in advancing our product security program and strengthens our dedication to global security standards."

The certificate not only helps Foxit respond more swiftly to security flaws but also ensures that each vulnerability is immediately recognized and tracked through a standardized CVE ID. This allows the company to efficiently manage the inherent vulnerability lifecycle of its products, leading to faster patch releases and advisories, ultimately enhancing customer protection.

Key Advantages of Foxit's CNA Designation

1. Faster Response to Vulnerabilities: With direct authority over ID assignments, Foxit can significantly reduce the turnaround time between vulnerability discoveries and public notifications, enabling prompt customer awareness.
2. Enhanced Transparency: The ability to provide official CVE Records arm security analysts and customers with standardized, clear information regarding vulnerabilities impacting Foxit products, enhancing trust.
3. Streamlined Collaboration: Foxit can now better collaborate with independent security researchers during the disclosure process, ensuring that appropriate credit is given while simultaneously protecting users from potential zero-day exploits.

Commitment to the Global Cybersecurity Community

The CVE Program, supported by the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency (CISA), represents a collective initiative to define, identify, and catalog publicly known cybersecurity vulnerabilities. Foxit’s participation in this initiative is not just a testament to its commitment to secure practices but also positions it alongside numerous organizations worldwide that strive for improved cybersecurity measures.

Foxit is enthusiastic about fostering a more secure ecosystem and continues to encourage security researchers to report any potential vulnerabilities through its established disclosure channel, available at www.foxit.com/support/security.

About Foxit

Founded to empower knowledge workers, Foxit is a premier provider of PDF and eSignature solutions that enhance productivity and document management across globally dispersed teams. With desktop software, mobile applications, and cloud services, Foxit enables users to seamlessly create, edit, fill, and sign documents. Additionally, the company allows software developers to integrate innovative PDF technology into their applications via powerful Software Developer Kits (SDKs). Currently, Foxit serves over 640,000 customers, ranging from small and medium-sized businesses to large enterprises, across more than 200 countries. Its global presence includes offices in the U.S., Europe, Australia, and Asia. For further information, visit Foxit's official website.