PatchSiren

CVE-2016-8711 Gonitro CVE debrief

CVE-2016-8711 describes a high-severity issue in Nitro Pro 10 / Nitro PDF Pro PDF parsing. According to NVD, a specially crafted PDF can trigger potential code execution, and the affected range extends through version 10.5.9.9. The CVSS 3.1 vector (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H) indicates the attack depends on user interaction: a victim must open or process the malicious PDF on the local endpoint.

Vendor: Gonitro
Product: CVE-2016-8711
CVSS: HIGH 7.8
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-02-10
Original CVE updated: 2026-05-13
Advisory published: 2017-02-10
Advisory updated: 2026-05-13

Who should care

Security teams that manage Nitro Pro 10 or Nitro PDF Pro on Windows endpoints, especially in environments where users regularly open untrusted PDFs. Endpoint management, patching, and email/web gateway teams should treat this as relevant because exploitation depends on a user opening a crafted document.

Technical summary

NVD lists CVE-2016-8711 as affecting gonitro:nitro_pdf_pro through version 10.5.9.9. The issue is in PDF parsing and can result in potential code execution after a specially crafted PDF is handled by Nitro Pro. The published CVSS 3.1 vector is AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H, which aligns with a user-driven local execution scenario rather than a fully unattended network exploit. NVD also records the weakness as NVD-CWE-noinfo, so the public corpus does not provide a more specific CWE classification.

Defensive priority

High for any environment that still runs affected Nitro Pro 10 builds. Prioritize prompt upgrade or removal because the impact can include code execution, and exploitation only needs a crafted PDF plus user interaction.

Recommended defensive actions

  • Inventory all Nitro Pro / Nitro PDF Pro installations and confirm whether any system is at version 10.5.9.9 or earlier.
  • Upgrade to a vendor version newer than the affected range, or remove the product where it is no longer required.
  • Restrict opening of untrusted PDFs on endpoints that still have the affected software.
  • Use email and web filtering to reduce delivery of malicious PDF attachments and links.
  • Apply least privilege on endpoints so user-triggered code execution has less impact.
  • Monitor for unexpected PDF-related crashes or anomalous child processes spawned by the PDF application.
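
The inventory step above can be scripted per endpoint. The following PowerShell is an added example, not part of the NVD record or any vendor tooling. It assumes that Nitro registers itself under the standard Windows Uninstall registry keys and that its DisplayName matches the hypothetical pattern `Nitro*Pro*`; the function names are also introduced here for illustration.

```powershell
# Added example: flag Nitro installs at or below the last affected version.
$LastAffected = [version]'10.5.9.9'   # upper bound of the NVD range cited on this page
$NamePattern  = 'Nitro*Pro*'          # assumption: how the product names itself in DisplayName

# Standard per-machine Uninstall keys (64-bit and 32-bit registry views).
$UninstallKeys = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)

function Test-NitroAffected {
    param([string]$DisplayVersion)
    $parsed = $null
    # Versions that do not parse are reported as Unknown so they get manual review
    # instead of silently passing.
    if (-not [version]::TryParse($DisplayVersion, [ref]$parsed)) { return 'Unknown' }
    # Compare as [version], not as strings: as text, '10.5.9.10' sorts before
    # '10.5.9.9' and a newer build would be wrongly flagged as affected.
    if ($parsed -le $LastAffected) { 'Affected' } else { 'NotAffected' }
}

function Get-NitroInstall {
    Get-ItemProperty -Path $UninstallKeys -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -like $NamePattern } |
        ForEach-Object {
            [pscustomobject]@{
                Computer = $env:COMPUTERNAME
                Name     = $_.DisplayName
                Version  = $_.DisplayVersion
                Status   = Test-NitroAffected $_.DisplayVersion
            }
        }
}

# Constructed sample versions (not taken from real hosts) to exercise the comparison.
'10.5.9.9', '10.5.9.10', '10.5.1.17', '11.0.0.1', 'n/a' | ForEach-Object {
    [pscustomobject]@{ Version = $_; Status = Test-NitroAffected $_ }
} | Format-Table -AutoSize

# Report what is actually installed on this endpoint.
Get-NitroInstall | Format-Table -AutoSize
```

Per-user installations recorded under HKCU are outside what this sketch reads, so an empty result from `Get-NitroInstall` should be cross-checked against the software inventory of the endpoint management platform.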

Evidence notes

The debrief is based on the official NVD record for CVE-2016-8711 and the Talos references listed in NVD metadata. NVD identifies the affected CPE as gonitro:nitro_pdf_pro, with the affected range ending at and including version 10.5.9.9, and records the CVSS 3.1 vector AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H. NVD also cites the Talos technical description reference TALOS-2016-0224. No exploit code or remediation details beyond the version range were used.

Official resources

The CVE was published on 2017-02-10 and modified on 2026-05-13. This debrief uses the CVE publication date for timing context and the supplied NVD modification date only as record metadata.