SB2025101572 - Exposure of private information ('privacy violation') in FortiDLP Agent
Published: October 15, 2025
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 1 vulnerability.
1) Exposure of private information ('privacy violation') (CVE-ID: CVE-2025-53950)
CWE-ID: -
CVSSv4: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
The vulnerability allows a local privileged user to gain access to sensitive information.
The vulnerability exists due to exposure of private information ('privacy violation'). An authenticated windows administrator can collect current user's email information.
Remediation
Install update from vendor's website.