Authentication Bypass Vulnerability in Kentico Xperience Software
CVE-2025-2747

9.8CRITICAL

Key Information:

Vendor: Kentico
Status: Xperience
Vendor: CVE Published:; 24 March 2025

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 80%🦅 CISA Reported

What is CVE-2025-2747?

The authentication bypass vulnerability in Kentico Xperience arises from improper handling of passwords within the Staging Sync Server component. This flaw allows unauthorized access to administrative objects, significantly compromising the integrity of the application. Affected versions, including Xperience up to 13.0.178, may enable attackers to exploit weaknesses in user authentication, leading to unauthorized manipulation of server resources.

CISA has reported CVE-2025-2747

CISA provides regional cyber and physical services to support security and resilience across the United States. CISA monitor the most dangerious vulnerabilities and have identifed CVE-2025-2747 as being exploited but is not known by the CISA to be used in ransomware campaigns. This is subject to change at pace

The CISA's recommendation is: Apply mitigations per vendor instructions, follow applicable BOD 22-01 guidance for cloud services, or discontinue use of the product if mitigations are unavailable.

Affected Version(s)

Xperience 0 <= 13.0.178

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2025-2747 - Proof of Concept