CISA Adds Authenticated Command Injection Vulnerability to Known Exploits Catalog
CISA has added CVE-2026-25108, an OS command injection vulnerability in Soliton Systems' FileZen, to its Known Exploited Vulnerabilities Catalog due to evidence of active exploitation. This vulnerability poses significant risks to federal enterprises and other users.
The addition of CVE-2026-25108 to CISA's Known Exploited Vulnerabilities (KEV) Catalog underscores both its severity and its active exploitation in the wild. The vulnerability, rated 8.7 under CVSS v4, allows an authenticated user to inject OS commands, which can lead to arbitrary code execution or privilege escalation on the appliance. Command injection flaws of this kind are a common attack vector, and the authentication requirement offers little protection once credentials are phished, reused, or otherwise obtained.
The affected product, Soliton Systems' FileZen, is likely deployed in enterprise environments, which increases the potential impact of exploitation. Organizations running it are at heightened risk and should prioritize remediation. Inclusion in the KEV Catalog triggers Binding Operational Directive (BOD) 22-01, which requires federal agencies to remediate listed vulnerabilities by the stated deadline.
Defenders should immediately assess their exposure to FileZen and apply the available patches or workarounds. Until updates are applied, monitoring for exploitation attempts and segmenting the appliance from the rest of the network reduce the risk. More broadly, the case illustrates the ongoing challenge of patching internet-facing systems quickly and the need for proactive threat management.
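To make the mechanism and the monitoring advice above concrete, here is an added example (not FileZen's code, which the advisory does not publish) of a hypothetical file-transfer back end that shells out after an upload. It contrasts the injectable pattern with a hardened one and runs a simple detection over constructed access-log lines; the upload directory, parameter name and log format are all assumptions.

```python
import re
import subprocess
from pathlib import Path
from urllib.parse import unquote

# Hypothetical server-side step of a file-transfer product: after an
# authenticated upload, the server shells out to checksum the stored file.
# The shape of this code is assumed; it is not the vendor's implementation.
UPLOAD_DIR = Path("/srv/uploads")                      # assumed location
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9._-]{0,127}$")
SHELL_META = re.compile(r"[;&|`$<>\n]")

def build_command_unsafe(filename: str) -> str:
    """Vulnerable pattern: user input is interpolated into a string that is
    later handed to the shell (subprocess.run(cmd, shell=True))."""
    return f"sha256sum {UPLOAD_DIR}/{filename}"

def build_command_safe(filename: str) -> list[str]:
    """Hardened pattern: allowlist the name, confine it to UPLOAD_DIR and
    pass it as a single argv element so no shell ever parses it."""
    if not SAFE_NAME.match(filename):
        raise ValueError(f"rejected filename: {filename!r}")
    target = (UPLOAD_DIR / filename).resolve()
    if target.parent != UPLOAD_DIR.resolve():
        raise ValueError("path escapes upload directory")
    return ["sha256sum", str(target)]

def is_accepted(filename: str) -> bool:
    """True if the hardened builder accepts the name, False if it rejects it."""
    try:
        build_command_safe(filename)
        return True
    except ValueError:
        return False

def checksum(filename: str) -> str:
    """Run the hardened command; an argv list means shell=False."""
    proc = subprocess.run(build_command_safe(filename), capture_output=True,
                          text=True, check=True)
    return proc.stdout.split()[0]

# Detection: flag upload requests whose name parameter, once URL-decoded,
# carries shell metacharacters or fails the allowlist. Lines are constructed.
SAMPLE_LOG = [
    '10.0.0.5 - alice "POST /upload?name=report.pdf HTTP/1.1" 200',
    '10.0.0.9 - bob "POST /upload?name=a.txt%3Becho%20x HTTP/1.1" 200',
    '10.0.0.7 - carol "POST /upload?name=notes-2026.txt HTTP/1.1" 200',
]

def flag_suspicious(lines: list[str]) -> list[tuple[int, str]]:
    hits = []
    for n, line in enumerate(lines, 1):
        m = re.search(r'name=([^&\s"]+)', line)
        if m:
            name = unquote(m.group(1))
            if SHELL_META.search(name) or not SAFE_NAME.match(name):
                hits.append((n, name))
    return hits
```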