CVE-2025-15065

Description

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared File.This issue affects KESS Enterprise: before *.25.9.19.Exe.

PUBLISHED Reserved 2025-12-24 | Published 2025-12-29 | Updated 2025-12-29 | Assigner FSI

Problem types

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-311 Missing Encryption of Sensitive Data

CWE-552 Files or Directories Accessible to External Parties

Product status

Credits

namgiwoong(남기웅, Giwoong Nam) finder

References

www.kings.co.kr/solution/01/KESS.jsp?O=10.64&B=Chrome

cve.org (CVE-2025-15065)

nvd.nist.gov (CVE-2025-15065)

Download JSON

Data based on CVE®. Copyright © 1999-2025, The MITRE Corporation. All rights reserved.