CVE-2025-53899

Name of the Vulnerable Software and Affected Versions Kiteworks MFT versions prior to 9.1.0

Description Kiteworks MFT orchestrates end-to-end file transfer workflows. Versions of Kiteworks MFT before 9.1.0 have an issue where an incorrectly specified destination in a communication channel could allow an attacker with administrative privileges to intercept upstream communication, potentially leading to an escalation of privileges. This occurs under specific circumstances on the system.

Recommendations Update to version 9.1.0 or later.