Full Report
The Cybersecurity and Infrastructure Security Agency (CISA) has added a critical vulnerability affecting Gladinet CentreStack and Triofox to its Known Exploited Vulnerabilities catalog, signaling active exploitation in the wild. The flaw, tracked as CVE-2025-11371, exposes sensitive system files to unauthorized external parties, posing a significant risk to organizations relying on these cloud file-sharing platforms. Overview […] The post CISA Issues Alert on Gladinet CentreStack and Triofox Vulnerabilities Under Active Exploitation appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
Analysis Summary
# Vulnerability: File Exposure in Gladinet CentreStack and Triofox (CISA KEV)
## CVE Details
- CVE ID: CVE-2025-11371
- CVSS Score: Critical (Score not explicitly provided, but marked as critical by CISA)
- CWE: CWE-552 (File or Directory Accessible to External Parties)
## Affected Systems
- Products: Gladinet CentreStack, Triofox
- Versions: Not specified in the provided context, but all versions are assumed vulnerable until patched.
- Configurations: Cloud file-sharing platforms relying on inadequate access controls.
## Vulnerability Description
CVE-2025-11371 is a critical weakness stemming from inadequate access controls within Gladinet CentreStack and Triofox platforms. This flaw allows external (unauthenticated or unauthorized) parties to access and disclose sensitive system files and directories that should otherwise remain protected.
## Exploitation
- Status: Exploited in the wild (Added to CISA KEV catalog on Nov 4, 2025)
- Complexity: Not specified, but active exploitation suggests practical exploit paths exist.
- Attack Vector: Network (Remote access to sensitive files).
## Impact
- Confidentiality: High (Exposure of sensitive system files and data)
- Integrity: Potentially High (Depending on the nature of the exposed files)
- Availability: Low (Primary impact is disclosure, not denial of service)
## Remediation
### Patches
- Administrators must check the official Gladinet website for explicit security updates and patches addressing CVE-2025-11371 and apply them immediately.
### Workarounds
1. **Consult BOD 22-01 Guidance:** Federal agencies and organizations handling sensitive data should rigorously follow the guidance specified in BOD 22-01 for cloud service security.
2. **Implement Zero Trust:** Enforce security principles like zero-trust and mandatory Multi-Factor Authentication (MFA).
3. **Discontinue Use (If Necessary):** If patches or sufficient mitigations cannot be implemented immediately, organizations should consider completely discontinuing the use of the affected Gladinet CentreStack and Triofox products to eliminate the risk.
## Detection
- **Inventory Check:** Immediately inventory all deployed instances of Gladinet CentreStack and Triofox.
- **Monitoring:** Scan internal systems and access logs for patterns indicating unauthorized file access or retrieval attempts targeting sensitive system files via the cloud platforms.
- **Action Deadline:** Federal agencies must comply with remediation efforts by November 25, 2025.
## References
- Vendor advisories: Check Gladinet’s official website for security advisories.
- CISA KEV Catalog: CISA gov/known-exploited-vulnerabilities-catalog
- Relevant Link: gbhackers.com/cisa-issues-alert-on-gladinet-centrestack-and-triofox-vulnerabilities/