CVE-2025-29316

An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus is not supposed to be visible when previewing a "generated printout" on screen. The Supplier disputes the Screenshot Watermark Bypass claim because the product's documentation explains the step of setting Developer Tools to Disallowed through AD Group Policy.

CVSS v3 6.2 MEDIUM

6.2^/10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 2.5 / Impact : 3.6

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://app.filemail.com/d/fjyvgdkchxdzefl
https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8
https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8

Configurations

No configuration.

History

05 May 2025, 18:15

Type	Values Removed	Values Added
Summary	~~(en) An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information~~	(en) An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus is not supposed to be visible when previewing a "generated printout" on screen. The Supplier disputes the Screenshot Watermark Bypass claim because the product's documentation explains the step of setting Developer Tools to Disallowed through AD Group Policy.

22 Apr 2025, 15:16

Type	Values Removed	Values Added
Summary		(es) Un problema en DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 permite que un atacante físicamente próximo obtenga información confidencial
CVSS	v2 : ~~unknown~~ v3 : ~~unknown~~	v2 : unknown v3 : 6.2
CWE		CWE-200
References	~~() https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8 -~~	() https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8 -

17 Apr 2025, 19:16

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-04-17 19:16

Updated : 2025-05-05 18:15

NVD link : CVE-2025-29316

Mitre link : CVE-2025-29316

CVE.ORG link : CVE-2025-29316

JSON object : View

Products Affected

No product.

CWE

CWE-200

Exposure of Sensitive Information to an Unauthorized Actor

{"id": "CVE-2025-29316", "cveTags": [{"tags": ["disputed"], "sourceIdentifier": "cve@mitre.org"}], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 6.2, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "HIGH"}, "impactScore": 3.6, "exploitabilityScore": 2.5}]}, "published": "2025-04-17T19:16:08.913", "references": [{"url": "https://app.filemail.com/d/fjyvgdkchxdzefl", "source": "cve@mitre.org"}, {"url": "https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8", "source": "cve@mitre.org"}, {"url": "https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Awaiting Analysis", "weaknesses": [{"type": "Secondary", "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "description": [{"lang": "en", "value": "CWE-200"}]}], "descriptions": [{"lang": "en", "value": "An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus is not supposed to be visible when previewing a \"generated printout\" on screen. The Supplier disputes the Screenshot Watermark Bypass claim because the product's documentation explains the step of setting Developer Tools to Disallowed through AD Group Policy."}, {"lang": "es", "value": "Un problema en DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 permite que un atacante f\u00edsicamente pr\u00f3ximo obtenga informaci\u00f3n confidencial"}], "lastModified": "2025-05-05T18:15:41.723", "sourceIdentifier": "cve@mitre.org"}

6.2 /10