CISA Adds FileZen Vulnerability to KEV Catalog: Active Exploitation Confirmed

Home » News
Yash Shield
News
Reading time icon 2 min. read

Calendar icon Published on

CISA confirms active exploits of a critical FileZen vulnerability by Soliton Systems. The OS command injection flaw, CVE-2026-25108 (CVSS 9.8), allows remote system takeover. It joins the Known Exploited Vulnerabilities (KEV) Catalog. CISA’s February 24, 2026 alert states: “Federal agencies must remediate within BOD 22-01 timelines due to real-world attacks.”

FileZen handles enterprise file transfers. Attackers inject commands via unvalidated input to the core server. This runs arbitrary OS code, leading to data theft or malware. All unpatched versions suffer.

As of February 26, 2026, Soliton urges updates. No patch version specified in advisories; check vendor site. CISA tracks internet scans for vulnerable instances. Private firms should prioritize too.

Command injection skips auth for deep access. Attackers pivot to networks post-breach. File servers hold sensitive data, amplifying risks.

Federal rules mandate quick fixes. Others follow for best practice.

Vulnerability Overview

CVECVSSTypeAffectedImpact
CVE-2026-251089.8OS Command InjectionFileZen Core Server (all unpatched)Remote RCE, full compromise, data exfil

Exploitation Risks

Real-world threats grow.

  • Internet-exposed FileZen servers scanned daily.
  • Leads to ransomware or persistence.
  • Pivots to internal assets.
  • No auth needed for initial hit.

Remediation Steps

Patch and secure now.

  • Apply Soliton updates immediately.
  • Scan networks for FileZen instances.
  • Use BOD 22-01 timelines (federal).
  • Block inbound to port 443 if exposed.
  • Monitor logs for injection attempts.

FAQ

What is the FileZen vulnerability?

CVE-2026-25108: OS command injection for remote code execution.

Is it under active attack?

Yes, CISA confirms exploitation in the wild.

Which versions are vulnerable?

All unpatched FileZen Core Server.

What must federal agencies do?

Remediate per BOD 22-01.

How do I check exposure?

Search KEV Catalog and scan with NVD tools.

Yash

Yash Shield

I am a Business Analytics student with a strong interest in publishing well-researched and data-driven news articles. I focus on analyzing trends in business, finance, and technology to create clear, accurate, and engaging content for readers. I enjoy transforming complex data and information into simple, meaningful stories that help audiences understand current developments. With analytical thinking and attention to detail, I aim to deliver credible and insightful news that adds real value to readers.

Readers help support VPNCentral. We may get a commission if you buy through our links. Tooltip Icon

Read our disclosure page to find out how can you help VPNCentral sustain the editorial team Read more

User forum

0 messages