CVE-2025-15065 HIGH

CVE-2025-15065: Data Exposure in Kings Information & Network KESS Enterprise

Vendor Kings Information & Network Co.

Product KESS Enterprise

Weakness CWE-200 · Info exposure

Published December 29, 2025

Last update December 31, 2025

View on NVD All CVEs

CVSS base score

8.6/10

Attack vector Local

Attack complexity High

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:L/AC:H/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:N

What the vulnerability does

01Description

Exposure of Sensitive Information to an Unauthorized Actor, Missing Encryption of Sensitive Data, Files or Directories Accessible to External Parties vulnerability in Kings Information & Network Co. KESS Enterprise on Windows allows Privilege Escalation, Modify Existing Service, Modify Shared File.This issue affects KESS Enterprise: before *.25.9.19.exe

Key dates

02Disclosure timeline

December 29, 2025 CVE published

December 31, 2025 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2025-15065

Related vulnerabilities

Identifiers

CVE CVE-2025-15065

CWE CWE-200

CVSS 8.6 / HIGH

Affected versions