CNNVD-202511-3045 Information

CNNVD ID

CNNVD-202511-3045

Related CVE

CVE-2025-53899

• CNNVD Published: 2025-11-29

Description (Chinese)

Kiteworks Mft是美国Kiteworks公司的一个安全管理内部和外部数据传输的软件。 Kiteworks MFT 9.1.0之前版本存在安全漏洞，该漏洞源于通信信道目标定义不当，可能导致权限提升。

Description (English)

Kiteworks Mft is a software for the secure management of internal and external data transmissions by the United States company Kiteworks. There was a security loophole in the pre-Kiteworks MFT 9.1.0 version, which resulted from an inappropriate definition of the target of the channel, which could lead to increased privileges.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

Kiteworks

Published

2025-11-29

Last Modified

2026-02-24

References

https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gx5-vcpp-8cr5 https://access.redhat.com/security/cve/cve-2025-53899

Patch

https://www.kiteworks.com/platform/simple/managed-file-transfer/