M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users

Posted on By CWS

An data disclosure vulnerability in M-Information Server permits authenticated attackers to seize and reuse session tokens from lively customers. Doubtlessly gaining unauthorized entry to delicate doc administration programs.

The flaw, tracked as CVE-2025-13008, impacts a number of variations throughout totally different launch branches and carries a high-severity CVSS 4.0 base rating of 8.6.

The vulnerability exists inside M-Information Internet and requires the attacker to have reliable authentication credentials.

As soon as authenticated, an attacker can intercept session tokens of different actively related customers whereas they carry out particular consumer operations.

By acquiring these tokens, risk actors can impersonate reliable customers and execute actions of their identify and with their permissions.

Together with accessing confidential paperwork and doubtlessly modifying vital data.

The flaw is assessed as CWE-359 (Publicity of Non-public Private Data to an Unauthorized Actor). It represents a session replay situation per CAPEC-60.

The assault requires person interplay and community accessibility, making it a sensible risk in related environments.

Affected Variations

Organizations working the next M-Information Server variations are susceptible and will prioritize patching:

Launch BranchVulnerable VersionsPatched VersionCurrent ReleaseBefore 25.12.15491.725.12.15491.7LTS 25.8Before SR325.8.15085.18 (SR3)LTS 25.2Before SR325.2.14524.14 (SR3)LTS 24.8Before SR524.8.13981.17 (SR5)

M-Information has launched patched variations addressing this vulnerability. The corporate obtained accountable vulnerability disclosure, and no public exploits at the moment exist.

Nonetheless, the low chance of exploitation designation shouldn’t diminish the urgency of patching.

Given the high-impact nature of profitable assaults, unauthorized doc entry, and potential lateral motion inside enterprise programs.

Organizations ought to prioritize testing and deploying patches throughout all affected M-Information Server situations.

Concurrently, safety groups ought to monitor entry logs for suspicious person exercise that signifies token theft or unauthorized account use.

Comply with us on Google Information, LinkedIn, and X for day by day cybersecurity updates. Contact us to characteristic your tales.

Cyber Security News Tags:, , , , , , ,

Related Posts

Hackers Exploit AI Tools Misconfiguration To Run Malicious AI-generated Payloads Cyber Security News
CISA Warns of Libraesva ESG Command Injection Vulnerability Actively Exploited in Attacks Cyber Security News
Critical Veeam Backup RCE Vulnerabilities Let Attackers Execute Malicious Code Remotely Cyber Security News
Beware of Weaponized ScreenConnect App That Delivers AsyncRAT and PowerShell RAT Cyber Security News
New AI-Powered Wi-Fi Biometrics WhoFi Tracks Humans Behind Walls with 95.5% Accuracy Cyber Security News
Lessons From Salesforce/Salesloft Drift Data Breaches Cyber Security News