CVE-2026-23514
Published: 25 March 2026
Summary
CVE-2026-23514 is a high-severity Improper Ownership Management (CWE-282) vulnerability in Accellion Kiteworks. Its CVSS base score is 8.8 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). The vulnerability ranks at the 11.8th percentile by exploit likelihood (below the median) and is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and SI-2 (Flaw Remediation).
Threat & Defense Details
Mitigating Controls (NIST 800-53 r5) [AI-generated]
AC-3 (Access Enforcement): enforces approved authorizations for logical access to information and system resources. This is the control the affected versions fail to apply to the content in question, so authenticated users can reach content they are not authorized for; the fix in 9.2.2 restores that enforcement.
SI-2 (Flaw Remediation): requires timely identification, reporting, and correction of system flaws such as this access control vulnerability, here by upgrading Kiteworks Core to version 9.2.2 or later.
AC-6 (Least Privilege): restricts authenticated low-privilege users to only the accesses they need, limiting the scope and impact of unauthorized content access while the upgrade is pending.
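The AC-3 and AC-6 entries above describe enforcement in the abstract. The following is an added example, not Kiteworks code and not a description of the actual CVE-2026-23514 defect (whose mechanics are not public): a generic content handler in the vulnerable shape, where an authenticated caller is never checked against the object's owner or ACL, beside the hardened shape that enforces ownership and explicit grants on every access. The users, file ids and ACL entries are constructed stand-ins.

```python
"""Generic illustration of ownership / object-level authorization enforcement
(the CWE-282 class). Added example: not Kiteworks code, and not the specific
CVE-2026-23514 flaw. All users, file ids and ACL entries below are constructed.
"""
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when the caller is not authorized for the requested object."""


@dataclass(frozen=True)
class User:
    user_id: str
    role: str = "user"  # "user" or "admin"


@dataclass
class File:
    file_id: str
    owner_id: str
    # Explicit grants beyond the owner: user_id -> set of permissions
    acl: dict = field(default_factory=dict)


# Constructed sample store: three files with different owners, one ACL grant.
FILES = {
    "f-100": File("f-100", owner_id="alice"),
    "f-200": File("f-200", owner_id="bob", acl={"alice": {"read"}}),
    "f-300": File("f-300", owner_id="carol"),
}


def get_file_vulnerable(store: dict, caller: User, file_id: str) -> File:
    """Vulnerable shape: the caller is authenticated (we have a User object)
    but ownership and ACL are never consulted, so any logged-in user can
    fetch any file by id. Generic pattern only, not the Kiteworks bug."""
    return store[file_id]


def is_authorized(file: File, caller: User, permission: str) -> bool:
    """Ownership check: the owner and admins get everything; anyone else
    needs an explicit ACL grant for the requested permission."""
    if caller.role == "admin":
        return True
    if file.owner_id == caller.user_id:
        return True
    return permission in file.acl.get(caller.user_id, set())


def get_file_hardened(store: dict, caller: User, file_id: str,
                      permission: str = "read") -> File:
    """Hardened shape (AC-3): authorization is enforced per object on every
    access. Unknown ids and unauthorized ids raise the same error so the
    id space cannot be enumerated through differing responses."""
    file = store.get(file_id)
    if file is None or not is_authorized(file, caller, permission):
        raise Forbidden(f"{caller.user_id} may not {permission} {file_id}")
    return file


def can_read(caller: User, file_id: str) -> bool:
    """Convenience wrapper over the hardened handler for the sample store."""
    try:
        get_file_hardened(FILES, caller, file_id, "read")
        return True
    except Forbidden:
        return False


if __name__ == "__main__":
    bob = User("bob")
    # Vulnerable handler hands bob alice's file; hardened handler refuses.
    print("vulnerable:", get_file_vulnerable(FILES, bob, "f-100").owner_id)
    print("hardened:", can_read(bob, "f-100"))
```

The hardened handler deliberately looks up the object first and then decides, rather than filtering the id space up front, so that the decision uses the object's real owner and ACL rather than a value supplied by the caller.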
MITRE ATT&CK Enterprise Techniques [AI-generated]
Why these techniques?
The flaw is an access control bypass in a network-reachable application: a low-privilege authenticated user can exploit it remotely to reach content beyond their authorization, which maps to T1068 as privilege escalation within the application.
NVD Description
Kiteworks is a private data network (PDN). Versions 9.2.0 and 9.2.1 of Kiteworks Core have an access control vulnerability that allows authenticated users to access unauthorized content. Upgrade Kiteworks Core to version 9.2.2 or later to receive a patch.
Deeper analysis [AI-generated]
CVE-2026-23514 is an access control vulnerability (CWE-282) affecting Kiteworks Core, the core component of Kiteworks, a private data network (PDN). The issue impacts versions 9.2.0 and 9.2.1, enabling authenticated users to access unauthorized content. Published on 2026-03-25, it carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), indicating high severity due to network accessibility, low attack complexity, and significant impacts on confidentiality, integrity, and availability.
An authenticated user with low privileges (PR:L) can exploit this vulnerability remotely over the network without user interaction. The NVD description documents only unauthorized content access, which is a confidentiality impact; the high integrity and availability ratings in the vector are NVD's assessment of what such access could lead to (modification of content or disruption of the service), not a documented exploitation outcome. Treat the 8.8 score as the planning figure, but do not assume a public exploit or a known integrity or availability attack path.
The Kiteworks security advisory recommends upgrading Kiteworks Core to version 9.2.2 or later to apply the patch that addresses this vulnerability. Further details are available in the advisory at https://github.com/kiteworks/security-advisories/security/advisories/GHSA-5gqr-cpr6-wvm5.
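The remediation step above reduces to one question per deployment: is the running Kiteworks Core version one of the two affected releases? The following is an added example, not the advisory's or the vendor's tooling, that answers it for a constructed inventory. The point is the comparison itself: a plain string comparison sorts "9.2.10" before "9.2.2" and would flag a fixed build as vulnerable, so versions are compared as integer tuples. Only 9.2.0 and 9.2.1 are treated as affected, because those are the only versions the advisory lists.

```python
"""Added example (not from the Kiteworks advisory): flag deployments whose
Kiteworks Core version is in the affected range 9.2.0 <= v < 9.2.2.
The inventory below is constructed; host names are placeholders.
"""
import re

AFFECTED_MIN = (9, 2, 0)   # first affected release per the advisory
FIXED = (9, 2, 2)          # first fixed release per the advisory

# Constructed inventory: "<host> <version>" per line.
INVENTORY = """\
kw-core-01 9.2.1
kw-core-02 9.2.2
kw-core-03 9.2.10
kw-core-04 9.2.0
kw-legacy-01 9.1.9
"""


def parse_version(text: str) -> tuple:
    """Parse a dotted version such as '9.2.1' into an integer tuple.
    A leading 'v' and a trailing suffix ('9.2.1-hotfix') are tolerated;
    only the leading numeric fields count. Short versions are padded with
    zeros so '9.2' compares like '9.2.0'. Raises ValueError otherwise."""
    m = re.match(r"^\s*v?(\d+(?:\.\d+)*)", text)
    if not m:
        raise ValueError(f"unparseable version: {text!r}")
    parts = tuple(int(p) for p in m.group(1).split("."))
    while len(parts) < 3:
        parts += (0,)
    return parts


def is_affected(text: str) -> bool:
    """True only for versions in [9.2.0, 9.2.2). Tuple comparison means
    9.2.10 and 9.2.2.1 are correctly treated as fixed, and 9.1.x as not
    listed by the advisory."""
    return AFFECTED_MIN <= parse_version(text) < FIXED


def hosts_needing_patch(inventory: str) -> list:
    """Return the hosts whose reported version is affected, in input order.
    Blank lines are skipped; a malformed line raises rather than being
    silently treated as safe."""
    needing = []
    for line in inventory.splitlines():
        if not line.strip():
            continue
        host, version = line.split(maxsplit=1)
        if is_affected(version):
            needing.append(host)
    return needing


if __name__ == "__main__":
    print("upgrade to 9.2.2 or later:", hosts_needing_patch(INVENTORY))
```

A malformed version line raises instead of being skipped on purpose: an inventory entry that cannot be parsed is an unknown, and an unknown should surface for manual checking rather than drop out of the patch list.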
Details
- CWE(s)