HomeIntelligenceBrief
VULNERABILITY BRIEF🟡 Medium Vulnerability

Authenticated Directory Traversal in ATEN Unizon (CVE‑2026‑9775) Enables Arbitrary File Deletion

ATEN’s Unizon platform contains CVE‑2026‑9775, a directory‑traversal bug that lets authenticated attackers delete arbitrary files, potentially causing denial‑of‑service. For SOC 2‑ready organizations, the issue underscores the need for rigorous control mapping and continuous evidence of device‑patch compliance.

LiveThreat™ Intelligence · 📅 June 25, 2026· 📰 zerodayinitiative.com
🟡
Severity
Medium
VU
Type
Vulnerability
🎯
Confidence
High
🏢
Affected
1 sector(s)
Actions
3 recommended
📰
Source
zerodayinitiative.com

Authenticated Directory Traversal in ATEN Unizon (CVE‑2026‑9775) Enables Arbitrary File Deletion

What It Is – ATEN disclosed CVE‑2026‑9775, a directory‑traversal flaw in the uploadSSL method of its Unizon video‑distribution platform. An authenticated remote attacker can supply a crafted path, bypass validation, and cause the system to delete arbitrary files.

Exploitability – The vulnerability requires valid credentials (PR:H) and a network‑reachable host (AV:N). No public exploit code is known, but the low attack complexity (AC:L) and high impact on availability (A:H) give attackers a practical path once they obtain access. CVSS 5.5 (moderate).

Affected Products – ATEN Unizon (all firmware versions prior to the vendor‑released patch).

Why It Matters for Compliance & Audit Readiness

  • Control Mapping – The flaw maps directly to SOC 2 CC6.1 (System Operations) and CC7.1 (Change Management). Demonstrating that you have identified, documented, and remediated such gaps is essential audit evidence.
  • Continuous Evidence – Ongoing monitoring of firmware versions and file‑system integrity provides a defensible trail that auditors expect for “in‑process” controls.
  • Vendor‑Device Assurance – Enterprise buyers increasingly demand proof that third‑party hardware is patched and that remediation steps are recorded in a trusted audit repository.

Recommended Actions

  • Apply ATEN’s security update immediately and verify the firmware version on all Unizon devices.
  • Conduct a post‑patch integrity check of critical system directories; log findings in your change‑management system.
  • Map the vulnerability to the relevant SOC 2 controls (CC6.1, CC7.1) and capture remediation evidence in a centralized compliance repository.
  • Integrate continuous monitoring of device patch levels into your configuration‑management database (CMDB) to surface future gaps automatically.

Source: Zero Day Initiative advisory ZDI‑26‑379

📰 Original Source
http://www.zerodayinitiative.com/advisories/ZDI-26-379/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Trust Operations

Misconfigurations are control gaps in disguise.

Verisq AI Trust Operations turns findings like this into mapped controls with continuous evidence, keeping your audit readiness current instead of point-in-time.

Map your controls with Verisq AI Trust Operations →