Key Information Vulnerability Overview Security ID: QSA-25-16 Release Date: June 7, 2023 CVE Identifiers: CVE-2025-22484, CVE-2025-22490, CVE-2025-29871, CVE-2025-29872, CVE-2025-29873, CVE-2025-29876, CVE-2025-29877, CVE-2025-33035, CVE-2025-30279, CVE-2025-33031 Affected Product: File Station 5 version 5.5.x Severity: Important Status: Resolved Vulnerability Details Improper Resource Allocation Vulnerability (CVE-2025-22484, CVE-2025-29872): Remote attackers with user account access can exploit this vulnerability to prevent other systems, applications, or processes from accessing the same resource. Null Pointer Dereference Vulnerability (CVE-2025-29873, CVE-2025-29876, CVE-2025-29877): Remote attackers with user account access can exploit this vulnerability to launch denial-of-service attacks. Out-of-bounds Read Vulnerability (CVE-2025-29871): Local attackers with admin account access can exploit this vulnerability to retrieve sensitive data. Path Traversal Vulnerability (CVE-2025-33035): Remote attackers with user account access can exploit this vulnerability to read unintended files or system data content. Improper Certificate Validation Vulnerability (CVE-2025-30279, CVE-2025-33031): Remote attackers with user account access can exploit this vulnerability to compromise system security. Solution Fixed Version: File Station 5 version 5.5.6.4847 and later Recommended Actions Update File Station 5 to the latest version to address the vulnerabilities.