Vulnerability Report: Attacks bypassing the signature validation in PDF (Shadow Attacks)

Christian Mainka, Vladislav Mladenov, Simon Rohlmann, Jörg Schwenk


Digitally signed PDFs are used in contracts, bills, and agreements to guarantee the authenticity and integrity of their content. A typical user would assume that digitally signed PDF files are final and cannot be further modified. However, various changes like adding annotations to a signed PDF or filling out form fields are allowed and do not invalidate PDF signatures.

In this report, we show that this flexibility allows attackers to completely change a document’s content while keeping the original signature validation status untouched. Our attacks work in a novel attacker model, which allows attackers to hide content in a PDF. After a benign entity signs this PDF, the attackers reveal the hidden content by using permitted manipulations. Our results reveal that out of 27 tested PDF viewers, 15 of them.
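
Because permitted changes are made after signing and leave the validation status untouched, a first triage check for a signed PDF is whether any bytes follow the signed range. The following Python is an added example, not code from the report: it assumes the standard `/ByteRange` entry of PDF signature dictionaries, runs on a constructed sample, and its function names are hypothetical.

```python
import re

# Heuristic: signature dictionaries carry /ByteRange [a b c d]; the signature
# covers bytes [a, a+b) and [c, c+d), leaving out only the /Contents value.
BYTE_RANGE = re.compile(rb"/ByteRange\s*\[\s*(\d+)\s+(\d+)\s+(\d+)\s+(\d+)\s*\]")

def unsigned_tail(pdf: bytes) -> list:
    """Per signature: where the signed bytes end and what follows them."""
    findings = []
    for m in BYTE_RANGE.finditer(pdf):
        a, b, c, d = (int(g) for g in m.groups())
        signed_end = c + d
        tail = pdf[signed_end:]
        findings.append({
            "starts_at_zero": a == 0,
            "signed_end": signed_end,
            "trailing_bytes": len(tail),              # bytes added after signing
            "later_revisions": tail.count(b"%%EOF"),  # appended incremental updates
        })
    return findings

def build_signed_sample() -> bytes:
    """Constructed stand-in for a signed revision (not a renderable PDF)."""
    def render(b, c, d):
        rng = b"/ByteRange [%010d %010d %010d %010d]" % (0, b, c, d)
        return (b"%PDF-1.7\n1 0 obj\n<< /Type /Sig " + rng +
                b" /Contents <" + b"00" * 16 + b"> >>\nendobj\n%%EOF\n")
    draft = render(0, 0, 0)
    gap_start = draft.index(b"/Contents <") + len(b"/Contents ")
    gap_end = draft.index(b">", gap_start) + 1
    return render(gap_start, gap_end, len(draft) - gap_end)

# Constructed incremental update of the kind viewers accept after signing.
UPDATE = b"2 0 obj\n<< /Type /Annot >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    signed = build_signed_sample()
    for name, data in (("as signed", signed), ("after update", signed + UPDATE)):
        for f in unsigned_tail(data):
            print(name, f)
```

A non-zero `trailing_bytes` only shows that the file changed after signing; whether the change is an allowed annotation or form fill still has to be reviewed.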