CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2025-53899

Kiteworks MFT orchestrates end-to-end file transfer workflows. Prior to version 9.1.0, the back-end of Kiteworks MFT is vulnerable to an incorrectly specified destination in a communication channel which allows an attacker with administrative privileges on the system under certain circumstances to intercept upstream communication which could lead to an escalation of privileges. This issue has been patched in version 9.1.0.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.0

EPSS Ranking 10.2%

CVSS Severity

CVSS v3 Score 7.2

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gx5-vcpp-8cr5

Products affected by CVE-2025-53899

Accellion » Kiteworks Managed File Transfer » Version: N/A

cpe:2.3:a:accellion:kiteworks_managed_file_transfer:-
Accellion » Kiteworks Managed File Transfer » Version: 7.6

cpe:2.3:a:accellion:kiteworks_managed_file_transfer:7.6

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2025-53899

Products

Pricing

Contact Us