Kiteworks MFT Privilege Escalation Vulnerability

Vulnerability

A privilege escalation vulnerability has been identified in Kiteworks MFT versions prior to 9.1.0. The issue arises from an unfavorable definition of roles and permissions in managing Connections, which could lead to unexpected escalation of privileges for authorized users.

Impact

Exploitation of this vulnerability could allow authorized users to gain elevated privileges, potentially leading to unauthorized access or actions within the application.

Remediation

Users are advised to upgrade Kiteworks MFT to version 9.1.0 or later.

Added: Nov 29, 2025, 3:23 AM
Updated: Nov 29, 2025, 3:23 AM

Vulnerability Rating

Custom Algorithm
spread: 2.2
impact: 2.5
exploitability: 5.4
remediation: 7.7
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.