CVE-2025-53896

CVSS v3.1

7.1

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0

Description Kiteworks MFT orchestrates end-to-end file transfer workflows. A flaw exists where a user’s active session may not properly time out due to inactivity under certain circumstances. This issue was addressed in version 9.1.0.

Recommendations Upgrade to version 9.1.0 or later.

Fix

Insufficient Session Expiration

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-613

Related Identifiers

CVE-2025-53896

Affected Products

Kiteworks Mft

CVE-2025-53896

Weakness Enumeration

Related Identifiers

Affected Products

References · 3