CVE-2026-2699: sharefile storage zones controller vulnerability

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.
CVE-2026-2699CVSS 9.8General

CVE-2026-2699: sharefile storage zones controller vulnerability

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

CVSS
9.8 CRITICAL
EPSS
98.75%
Known exploited
not in KEV
Product
sharefile storage zones controller

What is known

Customer Managed ShareFile Storage Zones Controller (SZC) allows an unauthenticated attacker to access restricted configuration pages. This leads to changing system configuration and potential remote code execution.

Sources