Platform
other
Component
kiteworks-mft
Fixed in
9.1.1
CVE-2025-53897 describes a Cross-Site Request Forgery (CSRF) vulnerability affecting Kiteworks MFT versions up to and including 9.1.0. This flaw allows a malicious actor to potentially access sensitive log information by deceiving an administrator into visiting a specially crafted webpage. The vulnerability has been addressed in version 9.1.0, and users are strongly advised to upgrade.
The primary impact of CVE-2025-53897 lies in the potential exposure of Kiteworks MFT log data. While not a direct path to system compromise, access to logs can reveal valuable information about file transfer activity, user behavior, and potentially sensitive data handled by the system. An attacker could leverage this information for reconnaissance, identifying valuable assets, or planning further attacks. The CSRF nature of the vulnerability means that an attacker doesn't need to authenticate to exploit it, relying instead on tricking a legitimate administrator. This makes it a relatively easy-to-exploit vulnerability, especially in environments where administrators frequently interact with the Kiteworks MFT interface.
CVE-2025-53897 was publicly disclosed on 2025-11-29. No public proof-of-concept (PoC) code has been identified at the time of writing. The vulnerability's CVSS score of 6.8 (MEDIUM) suggests a moderate probability of exploitation, particularly given the relatively simple nature of CSRF attacks. It is not currently listed on the CISA KEV catalog.
Organizations utilizing Kiteworks MFT for secure file transfer, particularly those running versions prior to 9.1.0, are at risk. Environments with less stringent administrator training or those lacking robust web application firewalls are especially vulnerable.
disclosure
Exploit status
EPSS
0.02% (percentile 6%)
CISA SSVC
CVSS vector
The definitive mitigation for CVE-2025-53897 is to upgrade Kiteworks MFT to version 9.1.0 or later, which includes the necessary fix. If an immediate upgrade is not feasible, consider implementing stricter access controls and user awareness training to minimize the risk of administrator interaction with malicious websites. While a direct workaround for CSRF is difficult, implementing robust input validation and output encoding can help prevent the exploitation of other related vulnerabilities. Regularly review Kiteworks MFT logs for any suspicious activity that might indicate a CSRF attack attempt. After upgrading, confirm the fix by attempting to trigger a log access request via a crafted URL and verifying that it fails.
Update Kiteworks MFT to version 9.1.0 or higher. This version contains the fix for the CSRF vulnerability. See the release notes for details on the update.
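The server-side control that closes this class of bug is a request-origin check plus a per-session token on the sensitive endpoint. The following is an added example of such a guard, not Kiteworks code; the trusted origin, endpoint and header values are constructed for illustration.

```python
"""CSRF guard for a log-exposing admin endpoint (added example, not Kiteworks code).

The deployment origin and the sample headers are assumed/constructed values.
"""
from typing import Optional
from urllib.parse import urlsplit

TRUSTED_ORIGIN = "https://mft.example.com"  # assumed deployment origin


def _origin_of(url: str) -> str:
    """Reduce a URL to scheme://host[:port] for comparison; '' if unparsable."""
    p = urlsplit(url)
    return f"{p.scheme}://{p.netloc}".lower() if p.scheme and p.netloc else ""


def csrf_verdict(headers: dict, session_token: Optional[str]) -> str:
    """Return 'allow' or a short 'deny: ...' reason for a request to the endpoint.

    Checks, in order (defense in depth):
      1. Fetch Metadata: modern browsers send Sec-Fetch-Site. Anything other
         than same-origin or none (user-typed URL / bookmark) is refused.
      2. Origin/Referer: when present, the source must be the trusted origin.
         Covers older browsers that do not send Sec-Fetch-Site.
      3. Synchronizer token: the request must carry the token bound to the
         admin session. A page on another site can trigger the request but
         cannot read the token, so a forged request always fails here.
    """
    h = {k.lower(): v for k, v in headers.items()}
    site = h.get("sec-fetch-site")
    if site is not None and site not in ("same-origin", "none"):
        return f"deny: sec-fetch-site={site}"
    src = h.get("origin") or h.get("referer")
    if src and _origin_of(src) != TRUSTED_ORIGIN.lower():
        return f"deny: cross-origin source {_origin_of(src) or src}"
    if not session_token or h.get("x-csrf-token") != session_token:
        return "deny: missing or mismatched csrf token"
    return "allow"


if __name__ == "__main__":
    # Constructed requests: a legitimate admin action and a forged one.
    legit = {"Sec-Fetch-Site": "same-origin", "Origin": TRUSTED_ORIGIN,
             "X-CSRF-Token": "s3ss10n-t0k3n"}
    forged = {"Sec-Fetch-Site": "cross-site",
              "Referer": "https://attacker.example.net/page.html"}
    print(csrf_verdict(legit, "s3ss10n-t0k3n"))   # allow
    print(csrf_verdict(forged, "s3ss10n-t0k3n"))  # deny: sec-fetch-site=cross-site
```

A GET that returns log data should be guarded the same way as a state-changing POST, since the leak in this CVE is the response itself.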
CVE-2025-53897 is a Cross-Site Request Forgery (CSRF) vulnerability in Kiteworks MFT versions 9.1.0 and earlier, allowing attackers to potentially access log information by tricking administrators.
Yes, if you are running Kiteworks MFT version 9.1.0 or earlier, you are affected by this vulnerability.
Upgrade Kiteworks MFT to version 9.1.0 or later to resolve this vulnerability. Consider implementing stricter access controls as an interim measure.
There is currently no confirmed evidence of active exploitation, but the vulnerability's ease of exploitation warrants caution.
Refer to the official Kiteworks security advisory for detailed information and updates regarding CVE-2025-53897.