8 vulnerabilities found for fortidlp_agent by fortinet
CVE-2025-54658 (GCVE-0-2025-54658)
Vulnerability from nvd – Published: 2025-10-16 13:55 – Updated: 2026-01-14 09:17
VLAI
Summary
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in the Outlookproxy plugin of Fortinet FortiDLP Agent for macOS, in FortiDLP versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated attacker to escalate their privileges to root by sending a crafted request to a local listening port. (The version numbers are FortiDLP releases, not macOS releases; the affected-version data below lists 11.2.0 and 11.2.3 as individual versions rather than as a range.)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1 Affected: 11.4.2 , ≤ 11.4.6 (semver) Affected: 11.3.2 , ≤ 11.3.4 (semver) Affected: 11.2.3 Affected: 11.2.0 Affected: 11.1.1 , ≤ 11.1.2 (semver) Affected: 11.0.1 Affected: 10.5.1 Affected: 10.4.0 Affected: 10.3.1 cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:41:21.620546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:41:32.560Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to Root via sending a crafted request to a local listening port."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:22.326Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-54658",
"datePublished": "2025-10-16T13:55:28.898Z",
"dateReserved": "2025-07-28T09:23:38.062Z",
"dateUpdated": "2026-01-14T09:17:22.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53951 (GCVE-0-2025-53951)
Vulnerability from nvd – Published: 2025-10-16 13:58 – Updated: 2026-01-14 09:17
VLAI
Summary
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in the Outlookproxy plugin of Fortinet FortiDLP Agent for Windows, in FortiDLP versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated attacker to escalate their privileges to LocalService by sending a crafted request to a local listening port. (The version numbers are FortiDLP releases, not Windows releases; the affected-version data below lists 11.2.0 and 11.2.3 as individual versions rather than as a range.)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1 Affected: 11.4.2 , ≤ 11.4.6 (semver) Affected: 11.3.2 , ≤ 11.3.4 (semver) Affected: 11.2.3 Affected: 11.2.0 Affected: 11.1.1 , ≤ 11.1.2 (semver) Affected: 11.0.1 Affected: 10.5.1 Affected: 10.4.0 Affected: 10.3.1 cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53951",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:36:52.618969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:37:00.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to LocalService via sending a crafted request to a local listening port."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:22.420Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53951",
"datePublished": "2025-10-16T13:58:21.749Z",
"dateReserved": "2025-07-15T09:52:08.702Z",
"dateUpdated": "2026-01-14T09:17:22.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53950 (GCVE-0-2025-53950)
Vulnerability from nvd – Published: 2025-10-16 14:00 – Updated: 2026-01-14 09:18
VLAI
Summary
An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in the Outlookproxy plugin of Fortinet FortiDLP Agent for macOS and Windows, in FortiDLP versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated administrator to collect the current user's email information. (The version numbers are FortiDLP releases, not operating-system releases; the affected-version data below lists 11.2.0 and 11.2.3 as individual versions rather than as a range.)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1 Affected: 11.4.2 , ≤ 11.4.6 (semver) Affected: 11.3.2 , ≤ 11.3.4 (semver) Affected: 11.2.3 Affected: 11.2.0 Affected: 11.1.1 , ≤ 11.1.2 (semver) Affected: 11.0.1 Affected: 10.5.1 Affected: 10.4.0 Affected: 10.3.1 cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53950",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:22:49.612036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:22:55.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Exposure of Private Personal Information (\u0027Privacy Violation\u0027) vulnerability [CWE-359] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect current user\u0027s email information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:18:09.818Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-639",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-639"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53950",
"datePublished": "2025-10-16T14:00:05.329Z",
"dateReserved": "2025-07-15T09:52:08.702Z",
"dateUpdated": "2026-01-14T09:18:09.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46752 (GCVE-0-2025-46752)
Vulnerability from nvd – Published: 2025-10-16 14:00 – Updated: 2026-01-14 09:17
VLAI
Summary
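An insertion of sensitive information into log file vulnerability [CWE-532] in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6 and 11.4.5 allows an attacker to cause information disclosure by re-using the enrollment code. (The affected-version data below lists 12.0.0, 12.0.2 and 12.0.4 through 12.0.5 rather than the full 12.0.0–12.0.5 range.)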
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 12.0.4 , ≤ 12.0.5 (semver) Affected: 12.0.2 Affected: 12.0.0 Affected: 11.5.1 Affected: 11.4.5 , ≤ 11.4.6 (semver) cpe:2.3:a:fortinet:fortidlp:12.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:20:20.963552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:20:31.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:12.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "12.0.5",
"status": "affected",
"version": "12.0.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.5",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:01.488Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-160",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-160"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.1.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46752",
"datePublished": "2025-10-16T14:00:30.930Z",
"dateReserved": "2025-04-29T00:20:46.508Z",
"dateUpdated": "2026-01-14T09:17:01.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-46752 (GCVE-0-2025-46752)
Vulnerability from cvelistv5 – Published: 2025-10-16 14:00 – Updated: 2026-01-14 09:17
VLAI
Summary
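An insertion of sensitive information into log file vulnerability [CWE-532] in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6 and 11.4.5 allows an attacker to cause information disclosure by re-using the enrollment code. (The affected-version data below lists 12.0.0, 12.0.2 and 12.0.4 through 12.0.5 rather than the full 12.0.0–12.0.5 range.)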
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-532 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 12.0.4 , ≤ 12.0.5 (semver) Affected: 12.0.2 Affected: 12.0.0 Affected: 11.5.1 Affected: 11.4.5 , ≤ 11.4.6 (semver) cpe:2.3:a:fortinet:fortidlp:12.0.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:12.0.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-46752",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:20:20.963552Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:20:31.156Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:12.0.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:12.0.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"lessThanOrEqual": "12.0.5",
"status": "affected",
"version": "12.0.4",
"versionType": "semver"
},
{
"status": "affected",
"version": "12.0.2"
},
{
"status": "affected",
"version": "12.0.0"
},
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.5",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A insertion of sensitive information into log file in Fortinet FortiDLP 12.0.0 through 12.0.5, 11.5.1, 11.4.6, 11.4.5 allows attacker to information disclosure via re-using the enrollment code."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 4.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N/E:P/RL:U/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:01.488Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-160",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-160"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.1.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-46752",
"datePublished": "2025-10-16T14:00:30.930Z",
"dateReserved": "2025-04-29T00:20:46.508Z",
"dateUpdated": "2026-01-14T09:17:01.488Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53950 (GCVE-0-2025-53950)
Vulnerability from cvelistv5 – Published: 2025-10-16 14:00 – Updated: 2026-01-14 09:18
VLAI
Summary
An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in the Outlookproxy plugin of Fortinet FortiDLP Agent for macOS and Windows, in FortiDLP versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated administrator to collect the current user's email information. (The version numbers are FortiDLP releases, not operating-system releases; the affected-version data below lists 11.2.0 and 11.2.3 as individual versions rather than as a range.)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-359 - Information disclosure
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1 Affected: 11.4.2 , ≤ 11.4.6 (semver) Affected: 11.3.2 , ≤ 11.3.4 (semver) Affected: 11.2.3 Affected: 11.2.0 Affected: 11.1.1 , ≤ 11.1.2 (semver) Affected: 11.0.1 Affected: 10.5.1 Affected: 10.4.0 Affected: 10.3.1 cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53950",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:22:49.612036Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:22:55.551Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Exposure of Private Personal Information (\u0027Privacy Violation\u0027) vulnerability [CWE-359] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect current user\u0027s email information."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 5.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-359",
"description": "Information disclosure",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:18:09.818Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-639",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-639"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53950",
"datePublished": "2025-10-16T14:00:05.329Z",
"dateReserved": "2025-07-15T09:52:08.702Z",
"dateUpdated": "2026-01-14T09:18:09.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-53951 (GCVE-0-2025-53951)
Vulnerability from cvelistv5 – Published: 2025-10-16 13:58 – Updated: 2026-01-14 09:17
VLAI
Summary
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in the Outlookproxy plugin of Fortinet FortiDLP Agent for Windows, in FortiDLP versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated attacker to escalate their privileges to LocalService by sending a crafted request to a local listening port. (The version numbers are FortiDLP releases, not Windows releases; the affected-version list below gives 11.2.0 and 11.2.3 as individual versions rather than as a range.)
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: partial
CISA Coordinator (v2.0.3)
CWE
- CWE-22 - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1 Affected: 11.4.2 , ≤ 11.4.6 (semver) Affected: 11.3.2 , ≤ 11.3.4 (semver) Affected: 11.2.3 Affected: 11.2.0 Affected: 11.1.1 , ≤ 11.1.2 (semver) Affected: 11.0.1 Affected: 10.5.1 Affected: 10.4.0 Affected: 10.3.1 cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:* cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:* |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53951",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:36:52.618969Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:37:00.457Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to LocalService via sending a crafted request to a local listening port."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:22.420Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-53951",
"datePublished": "2025-10-16T13:58:21.749Z",
"dateReserved": "2025-07-15T09:52:08.702Z",
"dateUpdated": "2026-01-14T09:17:22.420Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54658 (GCVE-0-2025-54658)
Vulnerability from cvelistv5 – Published: 2025-10-16 13:55 – Updated: 2026-01-14 09:17
Summary
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability [CWE-22] in the Outlookproxy plugin of Fortinet FortiDLP Agent for macOS, versions 11.5.1, 11.4.2 through 11.4.6, 11.3.2 through 11.3.4, 11.2.0 through 11.2.3, 11.1.1 through 11.1.2, 11.0.1, 10.5.1, 10.4.0 and 10.3.1, may allow an authenticated attacker to escalate their privileges to root by sending a crafted request to a local listening port.
Severity
SSVC
Exploitation: none
Automatable: no
Technical Impact: total
CISA Coordinator (v2.0.3)
CWE
- CWE-22 (Path Traversal) - Escalation of privilege
Assigner
References
1 reference
Impacted products
1 product
| Vendor | Product | Version | |
|---|---|---|---|
| Fortinet | FortiDLP | Affected: 11.5.1; Affected: 11.4.2 , ≤ 11.4.6 (semver); Affected: 11.3.2 , ≤ 11.3.4 (semver); Affected: 11.2.3; Affected: 11.2.0; Affected: 11.1.1 , ≤ 11.1.2 (semver); Affected: 11.0.1; Affected: 10.5.1; Affected: 10.4.0; Affected: 10.3.1 | `cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*` `cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*` |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54658",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-16T14:41:21.620546Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-16T14:41:32.560Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:fortinet:fortidlp:11.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.6:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.5:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.4.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.4:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.3.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.3:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.2.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.2:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.1.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:11.0.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.5.1:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.4.0:*:*:*:*:*:*:*",
"cpe:2.3:a:fortinet:fortidlp:10.3.1:*:*:*:*:*:*:*"
],
"defaultStatus": "unaffected",
"product": "FortiDLP",
"vendor": "Fortinet",
"versions": [
{
"status": "affected",
"version": "11.5.1"
},
{
"lessThanOrEqual": "11.4.6",
"status": "affected",
"version": "11.4.2",
"versionType": "semver"
},
{
"lessThanOrEqual": "11.3.4",
"status": "affected",
"version": "11.3.2",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.2.3"
},
{
"status": "affected",
"version": "11.2.0"
},
{
"lessThanOrEqual": "11.1.2",
"status": "affected",
"version": "11.1.1",
"versionType": "semver"
},
{
"status": "affected",
"version": "11.0.1"
},
{
"status": "affected",
"version": "10.5.1"
},
{
"status": "affected",
"version": "10.4.0"
},
{
"status": "affected",
"version": "10.3.1"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "An Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027) vulnerability [CWE-22] in Fortinet FortiDLP Agent\u0027s Outlookproxy plugin for MacOS 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1 through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated attacker to escalate their privilege to Root via sending a crafted request to a local listening port."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H/E:F/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-22",
"description": "Escalation of privilege",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-01-14T09:17:22.326Z",
"orgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"shortName": "fortinet"
},
"references": [
{
"name": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628",
"url": "https://fortiguard.fortinet.com/psirt/FG-IR-25-628"
}
],
"solutions": [
{
"lang": "en",
"value": "Upgrade to FortiDLP version 12.0.0 or above"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "6abe59d8-c742-4dff-8ce8-9b0ca1073da8",
"assignerShortName": "fortinet",
"cveId": "CVE-2025-54658",
"datePublished": "2025-10-16T13:55:28.898Z",
"dateReserved": "2025-07-28T09:23:38.062Z",
"dateUpdated": "2026-01-14T09:17:22.326Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}