CISA Warns of Active Exploitation in Soliton FileZen CVE-2023-40074

Jennifer sherman
March 18, 2026

Key Takeaways

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has confirmed active exploitation of a critical vulnerability in Soliton FileZen.
  • The flaw, identified as CVE-2023-40074, is an OS Command Injection vulnerability with a CVSS score of 9.8 (Critical).
  • All unpatched versions of Soliton FileZen Core Server are affected, risking full system compromise and data theft.
  • CISA has added this vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, mandating federal agencies to apply patches promptly.
  • Organizations using FileZen are urged to update their systems immediately to prevent potential breaches.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued a warning regarding a critical security flaw in Soliton Systems K.K.’s FileZen product, confirming that it is actively being exploited in the wild. This high-severity vulnerability has been added to CISA’s Known Exploited Vulnerabilities (KEV) Catalog, a crucial database tracking security weaknesses currently under attack.

The inclusion of this flaw underscores a persistent trend where cyber adversaries specifically target enterprise file-sharing and transfer solutions to gain unauthorized access and compromise systems. Organizations deploying the affected software are advised to conduct immediate system assessments and implement the necessary security updates to safeguard against potential breaches.

Understanding CVE-2023-40074

The vulnerability, designated CVE-2023-40074, is an OS Command Injection flaw. This type of vulnerability arises when an application fails to properly sanitize user-supplied input before passing it to a system shell. Attackers can leverage this oversight to execute arbitrary operating system commands on the targeted device, potentially leading to a complete system takeover.

With a CVSS score of 9.8 (Critical), this flaw poses a severe risk. Successful exploitation could result in full system compromise, unauthorized access to sensitive data, and potential data exfiltration. All unpatched versions of the FileZen Core Server are susceptible to this vulnerability.
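
The bug class described above, shown as a "before" and "after" pair. This is an added example, not FileZen code: the function names, the `echo` stand-in command and both inputs are constructed, and it assumes a POSIX system.

```python
import re
import subprocess

# Constructed inputs: a value as a web form or API field might deliver it.
BENIGN = "backup01"
HOSTILE = "backup01; echo INJECTED"   # ';' ends one shell command, starts another

def check_vulnerable(name: str) -> str:
    """Before: input is spliced into a string that /bin/sh parses."""
    proc = subprocess.run("echo checking " + name, shell=True,
                          capture_output=True, text=True)
    return proc.stdout

def check_no_shell(name: str) -> str:
    """After, step 1: pass an argv list; no shell ever parses the value."""
    proc = subprocess.run(["echo", "checking", name],
                          capture_output=True, text=True, check=True)
    return proc.stdout

# After, step 2: allow-list what the field may contain (here: a host label).
# The first character must be alphanumeric, so the value cannot start with
# '-' and be read as an option by the program that receives it.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")

def check_hardened(name: str) -> str:
    """Validate first, then run without a shell."""
    if not _LABEL.fullmatch(name):
        raise ValueError(f"rejected input: {name!r}")
    return check_no_shell(name)

if __name__ == "__main__":
    print(repr(check_vulnerable(HOSTILE)))  # two commands ran
    print(repr(check_no_shell(HOSTILE)))    # one command, payload is just text
    try:
        check_hardened(HOSTILE)
    except ValueError as exc:
        print(exc)
```
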

Active Exploitation Confirmed

CISA highlights that command injection vulnerabilities are highly sought after by threat actors due to their direct path to deep system access. These flaws often enable attackers to manipulate files, install malware, or pivot further into an organization’s internal network without requiring complex exploitation techniques.

The confirmation of active exploitation means that threat actors have already developed functional exploits and are actively scanning the internet for vulnerable FileZen installations. This presents a significant and immediate threat to both federal enterprises and private-sector organizations.

CISA’s Mandate and Recommendations

Under Binding Operational Directive (BOD) 22-01, Federal Civilian Executive Branch (FCEB) agencies are legally obligated to remediate vulnerabilities listed in the KEV Catalog within a specified timeframe. This directive aims to substantially reduce the risk posed by known exploited vulnerabilities across government networks. Agencies must patch the FileZen vulnerability by CISA’s mandated deadline to ensure compliance and fortify their infrastructure against these active threats.

While BOD 22-01 applies strictly to federal agencies, CISA strongly urges private companies and other organizations to adopt similar rigorous standards. Integrating the KEV Catalog into routine vulnerability management practices is an effective strategy for minimizing exposure to ongoing cyberattacks. CISA continuously evaluates new intelligence and updates the catalog as additional vulnerabilities meet the criteria for active exploitation.

What You Should Do

  • Immediately Patch: Apply the latest security updates provided by Soliton Systems K.K. for FileZen Core Server to all affected versions.
  • Scan for Compromise: Conduct a thorough scan of your FileZen installations and associated systems for any indicators of compromise (IoCs) that might suggest prior exploitation.
  • Review Access Logs: Examine access logs for unusual activity, unauthorized file transfers, or unexpected command executions.
  • Network Segmentation: Ensure FileZen servers are appropriately segmented from critical internal networks to limit potential lateral movement in case of compromise.
  • Implement KEV Catalog: Integrate CISA’s KEV Catalog into your organization’s regular vulnerability management and patching routines to prioritize remediation of actively exploited flaws.
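
One way to wire the KEV Catalog into a patching queue, as an added example that is not from CISA or Soliton: scanner findings are matched against the catalog and ordered by remediation due date. The catalog sample follows the field names of CISA's KEV JSON feed, but its dates, the `CVE-0000-*` entries and the asset names are constructed placeholders.

```python
import json
from datetime import date

# Constructed sample in the field layout of CISA's KEV JSON feed.
# Dates and the CVE-0000-* entries are placeholders, not real catalog values.
KEV_SAMPLE = json.loads("""
{"vulnerabilities": [
  {"cveID": "CVE-2023-40074", "vendorProject": "Soliton Systems K.K.",
   "product": "FileZen", "dateAdded": "2026-01-01", "dueDate": "2026-01-22",
   "knownRansomwareCampaignUse": "Unknown"},
  {"cveID": "CVE-0000-0001", "vendorProject": "ExampleVendor",
   "product": "ExampleProduct", "dateAdded": "2025-12-01",
   "dueDate": "2025-12-22", "knownRansomwareCampaignUse": "Known"}
]}
""")

# Constructed scanner output: (asset, CVE) pairs from a hypothetical inventory.
FINDINGS = [
    ("filezen-dmz-01", "CVE-2023-40074"),
    ("filezen-dmz-01", "CVE-0000-0002"),   # not in KEV
    ("app-srv-07", "cve-0000-0001"),       # scanners vary in case
    ("filezen-branch-02", "CVE-2023-40074"),
]

def prioritise(findings, catalog, today):
    """Return KEV-listed findings, most overdue first; others are dropped."""
    kev = {v["cveID"].upper(): v for v in catalog["vulnerabilities"]}
    hits = []
    for asset, cve in findings:
        entry = kev.get(cve.strip().upper())
        if entry is None:
            continue
        due = date.fromisoformat(entry["dueDate"])
        hits.append({
            "asset": asset,
            "cve": entry["cveID"],
            "product": entry["product"],
            "days_left": (due - today).days,   # negative means overdue
            "ransomware": entry["knownRansomwareCampaignUse"] == "Known",
        })
    # Overdue first, then ransomware-linked, then asset name for stable output.
    hits.sort(key=lambda h: (h["days_left"], not h["ransomware"], h["asset"]))
    return hits

if __name__ == "__main__":
    for h in prioritise(FINDINGS, KEV_SAMPLE, date(2026, 1, 15)):
        state = "OVERDUE" if h["days_left"] < 0 else "due"
        print(f'{h["asset"]:18} {h["cve"]:15} {state} {h["days_left"]:+d}d')
```

In production the sample would be replaced by the catalog file downloaded from CISA, and `today` by `date.today()`.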
