CVE-2026-9779
Analyzed Analyzed - Analysis Complete

Improper Signature Verification in ATEN Unizon RCE

Vulnerability report for CVE-2026-9779, including description, CVSS score, EPSS score, affected products, exploitability, helpful resources, and attack-flow context.

Publication date: 2026-06-24

Last updated on: 2026-06-27

Assigner: Zero Day Initiative

Description

ATEN Unizon doCryptoHugeFileToFile Improper Verification of Cryptographic Signature Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of ATEN Unizon. Authentication is required to exploit this vulnerability. The specific flaw exists within the updateWar method. The issue results from an incorrect implementation of cryptographic signature verification. An attacker can leverage this vulnerability to execute code in the context of SYSTEM. Was ZDI-CAN-28590.

CVSS Scores

EPSS Scores

Probability:
Percentile:

Meta Information

Published
2026-06-24
Last Modified
2026-06-27
Generated
2026-07-15
AI Q&A
2026-06-25
EPSS Evaluated
2026-07-13
NVD
EUVD

Affected Vendors & Products

Showing 1 associated CPE
Vendor Product Version / Range
aten unizon to 2.7.264 (exc)

Helpful Resources

Exploitability

CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-347 The product does not verify, or incorrectly verifies, the cryptographic signature for data.

Attack-Flow Graph

AI Quick Actions

Instant insights powered by AI
Executive Summary

This vulnerability exists in ATEN Unizon's doCryptoHugeFileToFile function, specifically within the updateWar method. It is caused by an improper verification of a cryptographic signature, which means the software does not correctly check the authenticity of certain files or updates.

Because of this flaw, a remote attacker who is authenticated can exploit the vulnerability to execute arbitrary code on the affected system with SYSTEM-level privileges.

Impact Analysis

If exploited, this vulnerability allows an authenticated remote attacker to execute arbitrary code with SYSTEM privileges on the affected ATEN Unizon installation.

This means the attacker could potentially take full control of the system, leading to data theft, system manipulation, disruption of services, or further attacks within the network.

Compliance Impact

The vulnerability allows remote attackers to execute arbitrary code with SYSTEM-level privileges due to improper verification of cryptographic signatures. This could lead to unauthorized access or control over sensitive data or systems.

Such unauthorized access and potential data compromise may impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and secure system integrity.

However, the provided information does not explicitly discuss the direct impact on compliance with these standards or any regulatory implications.

Mitigation Strategies

To mitigate the CVE-2026-9779 vulnerability in ATEN Unizon, you should immediately apply the security patch released by ATEN, specifically firmware version FW V2.7.264.001 dated April 15, 2026.

This patch addresses the improper verification of cryptographic signatures that allows remote code execution with SYSTEM privileges.

Additionally, ensure that only authenticated users with high privileges can access the update functionality, and monitor for any unauthorized attempts to upload or execute malicious WAR files.

Chat Assistant

Ask questions about this CVE
Hi! I’m here to help you understand CVE-2026-9779. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70

EPSS Chart