U.S. CISA adds a flaw in Soliton Systems K.K FileZen to its Known Exploited Vulnerabilities catalog

https://securityaffairs.com/188473/hacking/u-s-cisa-adds-a-flaw-in-soliton-systems-k-k-filezen-to-its-known-exploited-vulnerabilities-catalog.html?amp

Publish Date: 2026-02-25 04:22:00

Source Domain: securityaffairs.com

Pierluigi Paganini
February 25, 2026

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a flaw in Soliton Systems K.K. FileZen to its Known Exploited Vulnerabilities catalog.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added a Soliton Systems K.K. FileZen flaw, tracked as CVE-2026-25108 (CVSS v4 score of 8.7), to its Known Exploited Vulnerabilities (KEV) catalog.

Soliton Systems K.K. FileZen is a secure file transfer solution that enables organizations to share and manage sensitive data safely. It provides access controls, activity logging, and antivirus scanning.

The vulnerability is an operating system (OS) command injection that could allow an authenticated user to execute arbitrary commands via specially crafted HTTP requests.

“Command Injection Vulnerability in a Specific Field on the Post-Logon Screen (CWE-78),” reads the advisory. “A remote attacker may be able to execute arbitrary OS commands within FileZen.”

The vulnerability can be exploited only if two conditions are met: the FileZen virus check feature (BitDefender-based) is enabled, and an attacker has valid login access to the FileZen website, either through leaked credentials or successfully guessed user IDs and passwords.

The flaw affects versions 5.0.0 to 5.0.10 and versions 4.2.1 to 4.2.8. Version 5.0.11 and later address the flaw.
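For asset triage, the version ranges and the virus-check precondition above can be applied to an inventory as in the following added example, which is not from the advisory or from Soliton. The inventory record layout, host names and status labels are assumptions made for illustration.

```python
import re

# Affected ranges as stated in the article (inclusive bounds).
AFFECTED = [((5, 0, 0), (5, 0, 10)), ((4, 2, 1), (4, 2, 8))]


def parse_version(text):
    """Turn 'V5.0.11' or '5.0.9' into an int tuple so 5.0.10 sorts above 5.0.9."""
    m = re.fullmatch(r"[Vv]?(\d+)\.(\d+)\.(\d+)", text.strip())
    if not m:
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def in_affected_range(version):
    """True if the version falls inside one of the ranges the article lists."""
    v = parse_version(version)
    return any(lo <= v <= hi for lo, hi in AFFECTED)


def triage(host):
    """Classify one inventory record (hypothetical dict layout)."""
    try:
        affected = in_affected_range(host["version"])
    except ValueError:
        return "review"  # unknown version format: check by hand
    if not affected:
        return "not_listed"  # outside the ranges the article names
    # Precondition from the article: the virus check feature is enabled.
    # The second precondition (valid login) cannot be read from inventory.
    return "patch_now" if host["virus_check_enabled"] else "patch"


# Constructed sample inventory, not real hosts.
INVENTORY = [
    {"name": "fz-a", "version": "V5.0.10", "virus_check_enabled": True},
    {"name": "fz-b", "version": "5.0.11", "virus_check_enabled": True},
    {"name": "fz-c", "version": "4.2.8", "virus_check_enabled": False},
    {"name": "fz-d", "version": "5.0.x-custom", "virus_check_enabled": True},
]


def run(inventory=INVENTORY):
    return {host["name"]: triage(host) for host in inventory}


if __name__ == "__main__":
    for name, status in run().items():
        print(f"{name}: {status}")
```

Comparing versions as integer tuples matters here: a plain string comparison would sort "5.0.10" below "5.0.9" and misjudge the upper bound of the affected range.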

Soliton is aware of the active exploitation of this flaw:

“We have received at least one report of damage caused by the exploitation of this vulnerability,” reads the advisory. “For this vulnerability to occur, an attacker must log on to the web screen with general user privileges. If you have been attacked or suspected of being a victim of this vulnerability, please consider not only updating to V5.0.11 or later, but also changing…