CVE-2025-53950_CVE-2025-53950

5.1 / 10

MEDIUM

CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C

Description

An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect current user's email information.

Basic Information

ID CVE-2025-53950

Source fortinet

Published Oct 16, 2025 at 14:00

Modified Oct 16, 2025 at 14:22

Affected Product

Vendor Fortinet

Product FortiDLP

Version 11.5.1

Affected Versions Fortinet FortiDLP 11.5.1
Fortinet FortiDLP 11.4.2
Fortinet FortiDLP 11.3.2
Fortinet FortiDLP 11.2.3
Fortinet FortiDLP 11.2.0
Fortinet FortiDLP 11.1.1
Fortinet FortiDLP 11.0.1
Fortinet FortiDLP 10.5.1
Fortinet FortiDLP 10.4.0
Fortinet FortiDLP 10.3.1

CWE Classification

CWE-359

References

fortiguard.fortinet.com /psirt/FG-IR-25-639

{
    "lastseen": "",
    "description": "An Exposure of Private Personal Information ('Privacy Violation') vulnerability [CWE-359] in Fortinet FortiDLP Agent's Outlookproxy plugin for MacOS and Windows 11.5.1 and 11.4.2 through 11.4.6 and 11.3.2 through 11.3.4 and 11.2.0 through 11.2.3 and 11.1.1. through 11.1.2 and 11.0.1 and 10.5.1 and 10.4.0, and 10.3.1 may allow an authenticated administrator to collect current user's email information.",
    "published": "2025-10-16T14:00:05.329Z",
    "modified": "2025-10-16T14:22:55.551Z",
    "type": "cve",
    "title": "CVE-2025-53950",
    "source": "fortinet",
    "references": "https://fortiguard.fortinet.com/psirt/FG-IR-25-639",
    "id": "CVE-2025-53950",
    "bulletinFamily": "",
    "cwe": [
        "CWE-359"
    ],
    "cvelist": null,
    "sourceData": "Fortinet FortiDLP 11.5.1\nFortinet FortiDLP 11.4.2\nFortinet FortiDLP 11.3.2\nFortinet FortiDLP 11.2.3\nFortinet FortiDLP 11.2.0\nFortinet FortiDLP 11.1.1\nFortinet FortiDLP 11.0.1\nFortinet FortiDLP 10.5.1\nFortinet FortiDLP 10.4.0\nFortinet FortiDLP 10.3.1",
    "sourceHref": "",
    "cvss": {
        "score": 5.1,
        "severity": "MEDIUM",
        "vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:C/C:H/I:N/A:N/E:F/RL:O/RC:C",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "FortiDLP",
    "version": "11.5.1",
    "vendor": "Fortinet",
    "ai_description": "",
    "ai_severity": "",
    "ai_vendor": "",
    "ai_product": "",
    "ai_version": "",
    "ai_score": 0
}