PT-2025-42467 · Fortinet · Fortidlp

Published

2025-10-14

Updated

2025-10-16

CVE-2025-46752

CVSS v3.1

4.4

Medium

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N

Name of the Vulnerable Software and Affected Versions Fortinet FortiDLP versions 11.4.5 through 12.0.5 Fortinet FortiDLP version 11.5.1 Fortinet FortiDLP version 11.4.6

Description A flaw exists in Fortinet FortiDLP that allows for the disclosure of sensitive information through the reuse of an enrollment code, resulting in the insertion of sensitive data into log files. This could potentially provide an attacker with a foothold for lateral movement within a network.

Recommendations Update Fortinet FortiDLP to a version later than 12.0.5. Update Fortinet FortiDLP to a version later than 11.5.1. Update Fortinet FortiDLP to a version later than 11.4.6.

Fix

Insertion into Log File

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-532

Related Identifiers

BDU:2026-05222

CVE-2025-46752

Affected Products

Fortidlp

PT-2025-42467 · Fortinet · Fortidlp

CVE-2025-46752

Weakness Enumeration

Related Identifiers

Affected Products

References · 7