Exposure of private information ('privacy violation') in FortiDLP Agent - CVE-2025-53950
Published: October 15, 2025
Vulnerability identifier: #VU117213
CSH Severity: Low
CVSS v4.0: CVSS:4.0/AV:L/AC:L/AT:N/PR:H/UI:A/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear
CVE-ID: CVE-2025-53950
CWE-ID:
Exploitation vector: Local access
Exploit availability:
No public exploit available
Vendor: Fortinet, Inc
Affected software:
FortiDLP Agent
Detailed vulnerability description
The vulnerability allows a local privileged user to gain access to sensitive information.
The vulnerability exists due to exposure of private information ('privacy violation'). An authenticated Windows administrator can collect the current user's email information.
How to mitigate CVE-2025-53950
Install the update from the vendor's website.