Critical FileZen Vulnerability Actively Exploited, Added to CISA’s KEV Catalog
U.S. authorities have confirmed that threat actors are actively exploiting a critical OS command injection vulnerability (CVE-2026-25108) in FileZen, a file-sharing and transfer solution by Soliton Systems K.K. The flaw, rated 9.8 (Critical) on the CVSS scale, allows remote attackers to execute arbitrary commands on affected systems, risking full compromise, data theft, and lateral movement within networks.
The Cybersecurity and Infrastructure Security Agency (CISA) has added the vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, signaling an urgent threat to organizations using unpatched versions of FileZen. Exploitation of such flaws is a growing trend, with cybercriminals increasingly targeting enterprise file-sharing tools due to their broad access to sensitive data.
Under Binding Operational Directive (BOD) 22-01, federal agencies are required to remediate the vulnerability by CISA’s mandated deadline to comply with security standards. While the directive applies only to Federal Civilian Executive Branch (FCEB) agencies, CISA strongly recommends that private-sector organizations adopt similar measures to mitigate risk.
The vulnerability affects all unpatched versions of FileZen Core Server and has already been weaponized in real-world attacks. Threat actors are actively scanning for exposed systems, leveraging the flaw’s low complexity and high impact to gain deep system access. CISA continues to monitor intelligence and update the KEV Catalog as new threats emerge.
Source: https://cybersecuritynews.com/cisa-confirms-active-exploitation-of-filezen-vulnerability/
Soliton Systems K.K. TPRM report: https://www.rankiteo.com/company/solitonsystems
"id": "sol1772022298",
"linkid": "solitonsystems",
"type": "Vulnerability",
"date": "2/2026",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization's existence"