CVE-2025-0635

7.5 HIGH

📋 TL;DR

CVE-2025-0635 is a denial-of-service vulnerability in M-Files Server that allows unauthenticated attackers to consume computing resources, potentially making the server unresponsive. This affects organizations running M-Files Server versions before 25.1.14445.5.

💻 Affected Systems

Products:
  • M-Files Server
Versions: All versions before 25.1.14445.5
Operating Systems: Windows Server (all supported versions)
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all default installations of M-Files Server before the patched version.

📦 What is this software?

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete service outage where M-Files Server becomes completely unresponsive, disrupting document management and business workflows.

🟠 Likely Case

Degraded server performance causing slow response times and intermittent service interruptions.

🟢 If Mitigated

Minimal impact with proper network segmentation and rate limiting in place.

🌐 Internet-Facing: HIGH - Unauthenticated exploitation allows any internet user to potentially disrupt the service.
🏢 Internal Only: MEDIUM - Internal attackers or compromised systems could still cause disruption.

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability requires no authentication and appears to be relatively simple to exploit based on the description.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 25.1.14445.5 or later

Vendor Advisory: https://product.m-files.com/security-advisories/cve-2025-0635/

Restart Required: Yes

Instructions:

1. Download M-Files Server version 25.1.14445.5 or later from the M-Files website.
2. Run the installer to upgrade your existing installation.
3. Restart the M-Files Server service.

🔧 Temporary Workarounds

Network Segmentation (applies to: all)

Restrict access to M-Files Server to trusted networks only

Rate Limiting (applies to: all)

Implement rate limiting at the network perimeter to limit resource consumption attempts

🧯 If You Can't Patch

  • Implement strict network access controls to limit who can reach the M-Files Server
  • Deploy web application firewall (WAF) rules to detect and block potential DoS patterns

🔍 How to Verify

Check if Vulnerable:

Check M-Files Server version in the M-Files Admin application under Server Management > Server Information

Check Version:

Not applicable - version check is done through M-Files Admin GUI

Verify Fix Applied:

Verify the version shows 25.1.14445.5 or higher after patching

📡 Detection & Monitoring

Log Indicators:

  • Unusual spike in resource consumption
  • Multiple connection attempts from single sources
  • Server performance degradation alerts

Network Indicators:

  • Abnormal traffic patterns to M-Files Server ports
  • Multiple rapid connection attempts from external IPs

SIEM Query:

source="m-files-server" AND (event_type="resource_exhaustion" OR cpu_usage>90% OR memory_usage>90%)
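The log and network indicators above ("multiple connection attempts from single sources", "multiple rapid connection attempts from external IPs") can be turned into a concrete detection rule. The following is an added example, not part of this advisory and not M-Files tooling: it runs a sliding-window connection counter per source IP over constructed sample log lines. The log format, the `2266` service port, the window and the threshold are assumptions chosen for illustration; adapt them to the firewall or proxy logs in front of your own M-Files Server.

```python
"""Sliding-window detection of connection floods against an M-Files Server host.

Added example for CVE-2025-0635 monitoring; not code from the advisory or from M-Files.
Assumed (constructed) log line format: "<ISO-8601 UTC timestamp> <src_ip> <dst_port> <event>".
Lines are assumed to arrive in time order.
"""
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumption: TCP port the M-Files client protocol listens on; verify for your deployment.
MFILES_PORT = 2266

# Constructed sample log: 203.0.113.7 opens many connections within a few seconds,
# 198.51.100.9 connects at a normal pace. Non-CONNECT events and other ports are noise.
SAMPLE_LOG = """\
2025-02-01T10:00:00Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:00Z 198.51.100.9 2266 CONNECT
2025-02-01T10:00:01Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:01Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:02Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:02Z 203.0.113.7 443 CONNECT
2025-02-01T10:00:03Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:03Z 203.0.113.7 2266 DISCONNECT
2025-02-01T10:00:04Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:05Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:06Z 203.0.113.7 2266 CONNECT
2025-02-01T10:00:30Z 198.51.100.9 2266 CONNECT
2025-02-01T10:01:00Z 198.51.100.9 2266 CONNECT
2025-02-01T10:05:00Z 203.0.113.7 2266 CONNECT
"""


def parse_line(line):
    """Split one constructed log line into (timestamp, src_ip, dst_port, event)."""
    ts_s, src_ip, port_s, event = line.split()
    ts = datetime.strptime(ts_s, "%Y-%m-%dT%H:%M:%SZ")
    return ts, src_ip, int(port_s), event


def find_flooding_sources(lines, port=MFILES_PORT, window_seconds=10, threshold=5):
    """Return {src_ip: peak_connections_in_window} for sources that hit the threshold.

    Only CONNECT events to `port` are counted. For each source a deque holds the
    timestamps inside the trailing window; the peak deque length is the score.
    """
    window = timedelta(seconds=window_seconds)
    recent = defaultdict(deque)
    peak = defaultdict(int)
    for line in lines:
        line = line.strip()
        if not line:
            continue
        ts, src_ip, dst_port, event = parse_line(line)
        if dst_port != port or event != "CONNECT":
            continue
        q = recent[src_ip]
        q.append(ts)
        # Drop timestamps that have fallen out of the trailing window.
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > peak[src_ip]:
            peak[src_ip] = len(q)
    return {ip: n for ip, n in peak.items() if n >= threshold}


def format_alerts(flooders, window_seconds=10):
    """Render detections as one alert string per offending source, sorted by severity."""
    return [
        f"ALERT possible CVE-2025-0635 DoS attempt: {ip} opened {n} connections "
        f"to port {MFILES_PORT} within {window_seconds}s"
        for ip, n in sorted(flooders.items(), key=lambda kv: -kv[1])
    ]


if __name__ == "__main__":
    hits = find_flooding_sources(SAMPLE_LOG.splitlines())
    for alert in format_alerts(hits):
        print(alert)
```

The window and threshold should be tuned against a baseline of normal client behaviour: M-Files desktop clients reconnect on their own, so set the threshold above the reconnect burst you observe during a routine working day to avoid paging on legitimate traffic.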
