CISA Verifies FileZen Vulnerability Exploit Threat actors are actively taking advantage of a serious flaw in FileZen by Soliton Systems K.K., according to confirmation from U.S. authorities. CISA has formally added this vulnerability to the Known Exploited Vulnerabilities (KEV) Catalog because of the high risk involved. This catalog is an essential tool for monitoring security flaws that are being used in actual attacks.
This vulnerability's inclusion draws attention to a persistent pattern in which cybercriminals target enterprise file-sharing and transfer systems in particular. In order to prevent potential unauthorized access or system compromise, organizations using the impacted software are advised to evaluate their systems right away and implement the required security updates.
Description of the CVE ID CVSS Score Vulnerability Type Versions Affected by the Affected Component CVE-2026-25108 9.8 (Critical) Impact Injection of OS Commands permits remote OS command execution on FileZen, increasing the risk of data theft and complete system compromise. FileZen Core Server Every unpatched version Unauthorized access, complete system compromise, and possible data exfiltration Verified Active Exploitation The recently discovered vulnerability is classified as an OS Command Injection vulnerability. When an application incorrectly verifies user-supplied data before sending it to a system shell, a security flaw of this kind arises.
Attackers are thus able to run any operating system command on the targeted device.
Learn more Services for cloud security Malware Planning for incident response Command injection vulnerabilities are highly valued by threat actors because they frequently offer a direct route to total system takeover, enabling attackers to alter files, install malware, or move deeper into the internal network. According to CISA, this particular kind of vulnerability is a common and very powerful attack vector. Both federal enterprises and private-sector organizations are at serious risk from these vulnerabilities since they provide deep system access without the need for sophisticated exploitation techniques.
The fact that this vulnerability is being actively exploited suggests that threat actors have already created workable exploits and are actively searching the internet for weak systems.
Federal Civilian Executive Branch (FCEB) agencies are legally obligated to address vulnerabilities listed in the KEV Catalog within a given timeframe, as per Binding Operational Directive (BOD) 22-01. The major risk posed by known exploited vulnerabilities across government networks is intended to be significantly reduced by this directive. To ensure compliance and protect their infrastructure from these ongoing threats, agencies must patch the FileZen vulnerability by the deadline set by CISA.
Although BOD 22-01's mandatory patching requirements are only applicable to federal agencies, CISA strongly encourages private businesses and other organizations to follow the same stringent guidelines. One of the best ways to reduce exposure to ongoing cyberattacks is to incorporate the KEV Catalog into regular vulnerability management procedures.
As more vulnerabilities fit the requirements for active exploitation, CISA will update the catalog and continue to assess fresh intelligence. Learn more about vulnerability assessment tools. Solutions for cloud security Set ZeroOwl as a Preferred Source in Google and use secure coding techniques, LinkedIn, and X to receive more immediate updates.
