Cyber Web Spider Blog – News

M-Files Vulnerability Let Attacker Capture Session Tokens of Other Active Users

Posted on December 27, 2025 By CWS

An information disclosure vulnerability in M-Files Server allows authenticated attackers to capture and reuse session tokens from active users, potentially gaining unauthorized access to sensitive document management systems.

The flaw, tracked as CVE-2025-13008, affects multiple versions across different release branches and carries a high-severity CVSS 4.0 base score of 8.6.

The vulnerability exists within M-Files Web and requires the attacker to have legitimate authentication credentials.

Once authenticated, an attacker can intercept session tokens of other actively connected users while they perform specific client operations.

By obtaining these tokens, threat actors can impersonate legitimate users and execute actions in their name and with their permissions, including accessing confidential documents and potentially modifying critical information.

The flaw is classified as CWE-359 (Exposure of Private Personal Information to an Unauthorized Actor). It represents a session replay scenario per CAPEC-60.

The attack requires user interaction and network accessibility, making it a practical threat in connected environments.

Affected Versions

Organizations running the following M-Files Server versions are vulnerable and should prioritize patching:

| Release Branch | Vulnerable Versions | Patched Version |
|---|---|---|
| Current Release | Before 25.12.15491.7 | 25.12.15491.7 |
| LTS 25.8 | Before SR3 | 25.8.15085.18 (SR3) |
| LTS 25.2 | Before SR3 | 25.2.14524.14 (SR3) |
| LTS 24.8 | Before SR5 | 24.8.13981.17 (SR5) |

M-Files has released patched versions addressing this vulnerability. The vulnerability was responsibly disclosed to the company, and no public exploits currently exist.

Nevertheless, the low likelihood of exploitation designation should not diminish the urgency of patching, given the high-impact nature of successful attacks: unauthorized document access and potential lateral movement within enterprise systems.

Organizations should prioritize testing and deploying patches across all affected M-Files Server instances.

Concurrently, security teams should monitor access logs for suspicious user activity that indicates token theft or unauthorized account use.
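One way to carry out the log monitoring recommended above, shown as an added example that is not part of the original article or M-Files' own tooling: it flags any session that is used by two different clients within a short window. The log layout, field names and sample lines are constructed assumptions, and entries are assumed to be in chronological order.

```python
from collections import defaultdict
from datetime import datetime, timedelta

# Constructed sample lines in a hypothetical layout (NOT M-Files' log format):
# ISO timestamp, client IP, user, hashed session id, user agent.
SAMPLE_LOG = """\
2025-12-27T09:00:05 10.0.4.21 alice s-7f3a Mozilla/5.0-Win
2025-12-27T09:01:10 10.0.4.21 alice s-7f3a Mozilla/5.0-Win
2025-12-27T09:02:30 10.0.9.77 alice s-7f3a curl/8.5
2025-12-27T09:03:00 10.0.4.21 alice s-7f3a Mozilla/5.0-Win
2025-12-27T09:04:00 10.0.5.12 bob s-c210 Mozilla/5.0-Mac
2025-12-27T15:30:00 10.0.6.40 bob s-c210 Mozilla/5.0-Mac
"""


def parse(line):
    # The user agent is last so it may contain spaces.
    ts, ip, user, sid, agent = line.split(maxsplit=4)
    return datetime.fromisoformat(ts), ip, user, sid, agent


def find_shared_sessions(log_text, window=timedelta(minutes=15)):
    """Flag sessions used by two different clients (IP + user agent)
    within `window` of each other, a common sign of token replay."""
    last_seen = defaultdict(dict)  # session id -> {client: last timestamp}
    reported = set()               # (session id, client pair) already flagged
    findings = []
    for line in filter(str.strip, log_text.splitlines()):
        ts, ip, user, sid, agent = parse(line)
        client = (ip, agent)
        for other, seen in last_seen[sid].items():
            pair = (sid, frozenset((other, client)))
            if other != client and ts - seen <= window and pair not in reported:
                reported.add(pair)
                findings.append({"session": sid, "user": user,
                                 "known_client": other, "new_client": client,
                                 "at": ts.isoformat()})
        last_seen[sid][client] = ts
    return findings


if __name__ == "__main__":
    for finding in find_shared_sessions(SAMPLE_LOG):
        print(finding)
```

In the sample, alice's session is flagged because a second client uses it while the first is still active; bob's session changes address hours later and is not flagged at the default window.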

Copyright © 2026 Cyber Web Spider Blog – News.