Symantec DLP and CVE-2025-70873
search cancel

Symantec DLP and CVE-2025-70873

book

Article ID: 442231

calendar_today

Updated On:

Products

Data Loss Prevention Core Package

Issue/Introduction

When running a vulnerability scan against the DLP Endpoint Agent, the following was reported:

Plugin Name: SQLite <= 3.51.1 Information Disclosure
Plugin ID: #####
CVE: CVE-2025-70873
Location: C:\program files (x86)\manufacturer\endpoint agent\flexlibimport\pystdext\sqlite3.dll
Details:
Path: : C:\Program Files (x86)\Manufacturer\Endpoint Agent\FlexLibImport\pystdext\sqlite3.dll
  Installed version       : 3.28.0.0
  Fixed version           : 3.51.2
  Potential Vulnerability : Component

Solution: Upgrade to SQLite 3.51.2 or later.

Is the DLP Endpoint agent impacted by this CVE?

Environment

Symantec Data Loss Prevention Endpoint Agent

Cause

The DLP Endpoint agent does not use the affected SQLite function and hence is not impacted.

Resolution

The DLP Endpoint is not impacted by CVE-2025-70873

Powered by Wolken Software