CVE-2025-29316

MEDIUM

DataPatrol Screenshot watermark <3.5.2.0 - Info Disclosure

Title source: llm

Description

An issue in DataPatrol Screenshot watermark, printing watermark agent v.3.5.2.0 allows a physically proximate attacker to obtain sensitive information. NOTE: the Supplier disputes the Print Job Watermark Bypass claim because the watermark is added by hooking into the OS printing mechanism, and thus is not supposed to be visible when previewing a "generated printout" on screen. The Supplier disputes the Screenshot Watermark Bypass claim because the product's documentation explains the step of setting Developer Tools to Disallowed through AD Group Policy.

References (2)

Core 2

Core References

Various Sources

https://app.filemail.com/d/fjyvgdkchxdzefl

Various Sources

https://gist.github.com/Donsat12/c9295859e6f7ce406b787ded72701ea4?short_path=0e57ef8

Scores

CVSS v3 6.2

EPSS 0.0017

EPSS Percentile 6.1%

Attack Vector LOCAL

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

CISA SSVC

Vulnrichment

Exploitation poc

Automatable no

Technical Impact partial

Details

CWE

CWE-200

Status published

Published Apr 17, 2025

Tracked Since Feb 18, 2026