U.S. CISA Adds Flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities Catalog

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has recently added a critical vulnerability in the Soliton Systems K.K FileZen secure file transfer solution to its Known Exploited Vulnerabilities (KEV) catalog. This move aims to alert organizations and individuals about the potential risks associated with this flaw, which can be exploited by authenticated users to execute arbitrary commands via specially crafted HTTP requests.

The vulnerability, tracked as CVE-2026-25108, has a CVSS v4 score of 8.7, indicating high severity. It is an operating system (OS) command injection vulnerability that affects Soliton Systems K.K FileZen versions 5.0.0 to 5.0.10 and 4.2.1 to 4.2.8. Version 5.0.11 and later address the flaw.

According to CISA, the vulnerability can be exploited only if two conditions are met: the FileZen virus check feature (BitDefender-based) is enabled, and an attacker has valid login access to the FileZen website, either through leaked credentials or successfully guessed user IDs and passwords. This highlights the importance of robust security measures, such as multi-factor authentication and regular password changes.

Soliton Systems K.K has acknowledged that they have received at least one report of damage caused by the exploitation of this vulnerability. They advise users to update to version 5.0.11 or later and change all user passwords as a precautionary measure, as an attacker could potentially log in with real accounts.
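A triage sketch for the version ranges and preconditions described above, added here as an example and not taken from CISA or Soliton. The inventory entries, hostnames and the `virus_check_enabled` field are constructed assumptions; how that setting is read from a real appliance is not covered by the article.

```python
import re

# Affected ranges and fixed version as stated in the article for CVE-2026-25108.
AFFECTED = [((5, 0, 0), (5, 0, 10)), ((4, 2, 1), (4, 2, 8))]
FIXED = (5, 0, 11)

def parse_version(text):
    """Return (major, minor, patch) as ints, or None if not in X.Y.Z form."""
    m = re.fullmatch(r"\s*[vV]?(\d+)\.(\d+)\.(\d+)\s*", text)
    return tuple(int(g) for g in m.groups()) if m else None

def triage(version, virus_check_enabled):
    """Classify one FileZen instance against the advisory details."""
    v = parse_version(version)
    if v is None:
        return "UNKNOWN: unparseable version, verify manually"
    if v >= FIXED:
        return "OK: at or above the fixed version"
    # Integer tuples compare numerically, so 5.0.10 sorts after 5.0.9
    # (a plain string comparison would get this wrong).
    if any(lo <= v <= hi for lo, hi in AFFECTED):
        if virus_check_enabled:
            return "URGENT: affected, virus check on; update and reset passwords"
        return "UPDATE: affected version; virus check off, precondition not met"
    return "REVIEW: version outside the listed ranges, check the vendor advisory"

# Constructed sample inventory (hypothetical hosts and settings).
INVENTORY = [
    {"host": "filezen-a.example.internal", "version": "5.0.10", "virus_check_enabled": True},
    {"host": "filezen-b.example.internal", "version": "4.2.8", "virus_check_enabled": False},
    {"host": "filezen-c.example.internal", "version": "5.0.11", "virus_check_enabled": True},
    {"host": "filezen-d.example.internal", "version": "4.2.0", "virus_check_enabled": True},
]

def triage_inventory(inventory):
    """Return (host, verdict) pairs for every inventory entry."""
    return [(e["host"], triage(e["version"], e["virus_check_enabled"]))
            for e in inventory]

if __name__ == "__main__":
    for host, verdict in triage_inventory(INVENTORY):
        print(f"{host}: {verdict}")
```

An instance reported as UPDATE is still running an affected version; only the stated exploitation precondition is absent.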

The addition of this vulnerability to CISA's KEV catalog serves as a reminder for organizations and individuals to prioritize their cybersecurity posture. As stated in the Binding Operational Directive (BOD) 22-01: Reducing the Significant Risk of Known Exploited Vulnerabilities, federal agencies are required to address identified vulnerabilities by the due date to protect their networks against attacks exploiting the flaws in the catalog.

In light of this development, experts recommend that private organizations review the KEV catalog and address the vulnerabilities in their infrastructure. This proactive approach can help prevent potential data breaches and minimize the risk of malware infections.

CISA's efforts to identify and disclose known exploited vulnerabilities aim to enhance the overall cybersecurity landscape. By staying informed about these vulnerabilities and taking prompt action, individuals and organizations can better protect themselves against emerging threats.
