CVE-2025-53951

Name of the Vulnerable Software and Affected Versions Fortinet FortiDLP Agent versions 10.3.1, 10.4.0, 10.5.1, 11.0.1, 11.1.1 through 11.1.2, 11.2.0 through 11.2.3, 11.3.2 through 11.3.4, 11.4.2 through 11.4.6, and 11.5.1

Description An issue exists in Fortinet FortiDLP Agent’s Outlookproxy plugin that could allow an authenticated attacker to gain LocalService privileges. This is due to an improper limitation of a pathname to a restricted directory, also known as a Path Traversal flaw. The attacker can achieve this by sending a specially crafted request to a local listening port.

Recommendations Update Fortinet FortiDLP Agent to a version newer than 11.5.1. Update Fortinet FortiDLP Agent to a version newer than 11.4.6. Update Fortinet FortiDLP Agent to a version newer than 11.3.4. Update Fortinet FortiDLP Agent to a version newer than 11.2.3. Update Fortinet FortiDLP Agent to a version newer than 11.1.2. Update Fortinet FortiDLP Agent to a version newer than 11.0.1. Update Fortinet FortiDLP Agent to a version newer than 10.5.1. Update Fortinet FortiDLP Agent to a version newer than 10.4.0. Update Fortinet FortiDLP Agent to a version newer than 10.3.1.