EUVD-2025-34760

🗓️ 16 Oct 2025 13:58:21Reported by EUVDType

Authenticated attacker can exploit path traversal in FortiDLP Agent Outlookproxy on Windows to elevate to LocalService via crafted request.

Reporter	Title	Published	Views	Family All 8
Circl	CVE-2025-53951	16 Oct 202514:17	–	circl
CNNVD	Fortinet FortiDLP 路径遍历漏洞	16 Oct 202500:00	–	cnnvd
CVE	CVE-2025-53951	16 Oct 202513:58	–	cve
Cvelist	CVE-2025-53951	16 Oct 202513:58	–	cvelist
NVD	CVE-2025-53951	16 Oct 202514:15	–	nvd
OSV	CVE-2025-53951	16 Oct 202514:15	–	osv
RedhatCVE	CVE-2025-53951	17 Oct 202514:52	–	redhatcve
Vulnrichment	CVE-2025-53951	16 Oct 202513:58	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "bd79e59a-4cc6-3994-ac47-239cd7eefa3a",
        "vendor": {
          "name": "Fortinet"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "050850ce-1996-32fb-8c26-99279137e9ce",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.4.2 ≤11.4.6"
      },
      {
        "id": "1268c73b-5800-3d0f-8e75-49a10d3b441b",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.3.2 ≤11.3.4"
      },
      {
        "id": "24bf6ba9-27d6-33d1-bdee-ba148441c69e",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.2.3"
      },
      {
        "id": "28cd9707-98d5-3fed-ab75-46b5e45b571f",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "10.4.0"
      },
      {
        "id": "4367537c-b08b-3c3a-a228-1db1dd6511d1",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.1.1 ≤11.1.2"
      },
      {
        "id": "71a8db53-5fba-33a9-8cad-0035cc50d69b",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.0.1"
      },
      {
        "id": "7f46f92c-729d-38ce-a5d2-abc241223d50",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.5.1"
      },
      {
        "id": "95c9a10e-6ed3-3af6-a8c0-8586aac931d8",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "11.2.0"
      },
      {
        "id": "b2557551-f612-360a-8c39-e3d8da9057b9",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "10.3.1"
      },
      {
        "id": "f6daa713-8502-3acb-913a-2bdcc90712eb",
        "product": {
          "name": "FortiDLP"
        },
        "product_version": "10.5.1"
      }
    ]
  }
]

Source	Link
fortiguard	www.fortiguard.fortinet.com/psirt/FG-IR-25-628
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-53951

16 Oct 2025 14:37Current

6.2Medium risk

Vulners AI Score6.2

CVSS 3.15.3 - 7.8

EPSS0.00034

SSVC