CVE-2025-15065: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in Kings Information & Network Co. KESS Enterprise
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared File.This issue affects KESS Enterprise: before *.25.9.19.Exe.
CVE-2025-15065: CWE-200 Exposure of Sensitive Information to an Unauthorized Actor in Kings Information & Network Co. KESS Enterprise
Description
Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared File.This issue affects KESS Enterprise: before *.25.9.19.Exe.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- FSI
- Date Reserved
- 2025-12-24T04:53:13.499Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 6951cffdfd294cd93b3676a9
Added to database: 12/29/2025, 12:49:01 AM
Last updated: 12/29/2025, 3:59:51 AM
Views: 9
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Related Threats
CVE-2025-15169: SQL Injection in BiggiDroid Simple PHP CMS
MediumCVE-2025-52691: Vulnerability in SmarterTools SmarterMail
CriticalCVE-2025-15168: SQL Injection in itsourcecode Student Management System
MediumCVE-2025-15167: SQL Injection in itsourcecode Online Cake Ordering System
MediumCVE-2025-15166: SQL Injection in itsourcecode Online Cake Ordering System
MediumActions
External Links
Need more coverage?
Upgrade to Pro Console in Console -> Billing for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.