CVE-2025-53939

CVSS v3.1

6.3

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Kiteworks versions prior to 9.1.0

Description Kiteworks is a private data network. Before version 9.1.0, insufficient input validation during the management of shared folder roles could result in unintended privilege escalation for other users on the share.

Recommendations Update to version 9.1.0 or later.

Fix

LPE

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-20

Related Identifiers

CVE-2025-53939

Affected Products

Kiteworks

CVE-2025-53939

Weakness Enumeration

Related Identifiers

Affected Products

References · 3