ATEN has patched a high-severity remote code execution vulnerability in its Unizon software, disclosed publicly on June 24, 2026, through the Zero Day Initiative under the identifier ZDI-26-383.
Vulnerability Details
The flaw, tracked as CVE-2026-9779, carries a CVSS score of 7.2 and resides in the updateWar method of ATEN Unizon. The root cause is an incorrect implementation of cryptographic signature verification, specifically in the doCryptoHugeFileToFile function. Because the application fails to properly validate cryptographic signatures during update processing, an authenticated remote attacker can supply a maliciously crafted file and achieve code execution in the context of the SYSTEM account.
Attack Requirements
- Network access: Exploitable remotely over the network
- Authentication: Required (high-privilege credentials)
- User interaction: None required
- Impact: Full confidentiality, integrity, and availability compromise
Remediation
ATEN has issued a patch addressing this vulnerability. Administrators running Unizon should consult the vendor’s security advisory for update instructions and apply the fix promptly. The vulnerability was originally reported to ATEN on March 13, 2026, and the coordinated public disclosure occurred on June 24, 2026, following a roughly three-month remediation window.
Credit
The vulnerability was discovered and reported by Ahmed Y. Elmogy.