File metadata can include details such as the software used to create a document and its version, which could be exploited if the software is known to have vulnerabilities. This information can aid a penetration tester in pinpointing specific software vulnerabilities to target within an organization.