M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users


Posted on December 27, 2025 By CWS

An information disclosure vulnerability in M-Files Server allows authenticated attackers to capture and reuse session tokens from active users, potentially gaining unauthorized access to sensitive document management systems.

The flaw, tracked as CVE-2025-13008, affects multiple versions across different release branches and carries a high-severity CVSS 4.0 base score of 8.6.

The vulnerability exists within M-Files Web and requires the attacker to have legitimate authentication credentials.

Once authenticated, an attacker can intercept session tokens of other actively connected users while they perform specific client operations.

By obtaining these tokens, threat actors can impersonate legitimate users and execute actions in their name and with their permissions, including accessing confidential documents and potentially modifying critical information.

The flaw is classified as CWE-359 (Exposure of Private Personal Information to an Unauthorized Actor). It represents a session replay scenario per CAPEC-60.

The attack requires user interaction and network accessibility, making it a practical threat in connected environments.

Affected Versions

Organizations running the following M-Files Server versions are vulnerable and should prioritize patching:

Release Branch | Vulnerable Versions | Patched Version
Current Release | Before 25.12.15491.7 | 25.12.15491.7
LTS 25.8 | Before SR3 | 25.8.15085.18 (SR3)
LTS 25.2 | Before SR3 | 25.2.14524.14 (SR3)
LTS 24.8 | Before SR5 | 24.8.13981.17 (SR5)
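As an added example (not code from M-Files or from the original article), the sketch below triages an inventory of server builds against the table above, comparing build numbers as integer tuples so that 25.12 sorts after 25.8 and revision 18 after revision 4. Treating any non-LTS build newer than 24.8 as being on the Current Release track is an assumption, as are the sample hostnames and builds.

```python
# Patched builds from the article's table, keyed by LTS branch (year, month).
LTS_PATCHED = {
    (25, 8): (25, 8, 15085, 18),   # LTS 25.8 SR3
    (25, 2): (25, 2, 14524, 14),   # LTS 25.2 SR3
    (24, 8): (24, 8, 13981, 17),   # LTS 24.8 SR5
}
CURRENT_PATCHED = (25, 12, 15491, 7)  # Current Release
OLDEST_LISTED = min(LTS_PATCHED)      # (24, 8)


def parse_build(text):
    """Parse 'YY.M.build.rev' into a 4-tuple of ints; raise ValueError otherwise."""
    parts = text.strip().split(".")
    if len(parts) != 4 or not all(p.isdigit() for p in parts):
        raise ValueError(f"not a four-part build number: {text!r}")
    return tuple(int(p) for p in parts)


def assess(text):
    """Return (status, patched_build_or_None) for one server build string."""
    build = parse_build(text)
    branch = build[:2]
    if branch in LTS_PATCHED:
        fixed = LTS_PATCHED[branch]
    elif branch > OLDEST_LISTED:
        # Assumption: non-LTS builds newer than 24.8 follow the Current Release track.
        fixed = CURRENT_PATCHED
    else:
        # Older than every branch in the table: the article makes no statement.
        return ("unlisted", None)
    status = "vulnerable" if build < fixed else "patched"
    return (status, ".".join(map(str, fixed)))


def triage(inventory):
    """Map host -> assessment for a {host: build} inventory; bad input is flagged."""
    report = {}
    for host, build in inventory.items():
        try:
            report[host] = assess(build)
        except ValueError:
            report[host] = ("unparseable", None)
    return report


if __name__ == "__main__":
    # Constructed inventory (sample hostnames and builds).
    print(triage({"dms-01": "25.8.15085.4", "dms-02": "25.10.15300.2", "dms-03": "25.8-SR2"}))
```

Hosts reported as "unlisted" or "unparseable" need a manual check against the vendor advisory rather than being treated as safe.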

M-Files has released patched versions addressing this vulnerability. The company received responsible vulnerability disclosure, and no public exploits currently exist.

Nevertheless, the low likelihood of exploitation designation shouldn’t diminish the urgency of patching, given the high-impact nature of successful attacks, unauthorized document access, and potential lateral movement within enterprise systems.

Organizations should prioritize testing and deploying patches across all affected M-Files Server instances.

Concurrently, security teams should monitor access logs for suspicious user activity that indicates token theft or unauthorized account use.
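One way to run that log review, as an added example rather than anything from the article or from M-Files: the script flags sessions presented by more than one client and source IPs that presented sessions for more than one account. The log columns, session-ID values and addresses are constructed; M-Files' actual log schema is not given in the article, so map the fields to whatever your web tier or reverse proxy records.

```python
import csv
import io
from collections import defaultdict

# Constructed sample. Assumed columns (not M-Files' actual log schema):
# timestamp, source IP, account, session-ID hash, user agent
SAMPLE_LOG = """\
2025-12-27T09:00:01Z,10.0.4.21,alice,s-a1,Edge/131
2025-12-27T09:00:09Z,10.0.4.35,bob,s-b7,Firefox/133
2025-12-27T09:02:40Z,10.0.9.80,mallory,s-m3,Chrome/131
2025-12-27T09:05:12Z,10.0.4.21,alice,s-a1,Edge/131
2025-12-27T09:06:30Z,10.0.9.80,alice,s-a1,Chrome/131
2025-12-27T09:07:02Z,10.0.4.35,bob,s-b7,Firefox/133
"""

FIELDS = ("ts", "ip", "user", "session", "agent")


def parse_events(text):
    """Yield one dict per well-formed log row; short or long rows are skipped."""
    for row in csv.reader(io.StringIO(text)):
        if len(row) == len(FIELDS):
            yield dict(zip(FIELDS, row))


def replayed_sessions(events):
    """Sessions seen from more than one (IP, user agent) pair, in first-seen order."""
    clients = defaultdict(list)
    for e in events:
        pair = (e["ip"], e["agent"])
        if pair not in clients[e["session"]]:
            clients[e["session"]].append(pair)
    return {s: pairs for s, pairs in clients.items() if len(pairs) > 1}


def multi_account_sources(events):
    """Source IPs that presented sessions belonging to more than one account."""
    accounts = defaultdict(set)
    for e in events:
        accounts[e["ip"]].add(e["user"])
    return {ip: sorted(users) for ip, users in accounts.items() if len(users) > 1}


if __name__ == "__main__":
    events = list(parse_events(SAMPLE_LOG))
    print(replayed_sessions(events))
    print(multi_account_sources(events))
```

Shared NAT or VPN egress addresses and roaming clients will also match, so treat hits as leads to correlate with the affected accounts' document activity.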
