CVE-2025-53899

CVSS v3.1

7.2

Vector

AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0

Description Kiteworks MFT orchestrates end-to-end file transfer workflows. Versions of Kiteworks MFT before 9.1.0 have an issue where an incorrectly specified destination in a communication channel could allow an attacker with administrative privileges to intercept upstream communication, potentially leading to an escalation of privileges. This occurs under specific circumstances on the system.

Recommendations Update to version 9.1.0 or later.

Fix

LPE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-941

Related Identifiers

CVE-2025-53899

Affected Products

Kiteworks Mft

CVE-2025-53899

Weakness Enumeration

Related Identifiers

Affected Products

References · 3