{"id":288566,"date":"2026-07-12T07:12:00","date_gmt":"2026-07-12T11:12:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/07\/12\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firmware-attacks-rescana\/"},"modified":"2026-07-12T08:40:07","modified_gmt":"2026-07-12T12:40:07","slug":"critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firmware-attacks-rescana","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/07\/12\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firmware-attacks-rescana\/","title":{"rendered":"Critical U-Boot FIT Signature Verification Vulnerabilities (CVE-2026-46728) Expose Embedded Linux Devices to Stealthy Firmware Attacks \u2013 Rescana"},"content":{"rendered":"<p><a href=\"https:\/\/www.rescana.com\/post\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firm\">Critical U-Boot FIT Signature Verification Vulnerabilities (CVE-2026-46728) Expose Embedded Linux Devices to Stealthy Firmware Attacks \u2013 Rescana<\/a><\/p>\n<p><a href=\"https:\/\/www.rescana.com\/post\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firm\">https:\/\/www.rescana.com\/post\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firm<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-07-12 07:12:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.rescana.com\">www.rescana.com<\/a><\/p>\n<h2><strong>Executive Summary<\/strong><\/h2>\n<p>Multiple critical vulnerabilities have been identified in the <strong>U-Boot<\/strong>\u00a0bootloader\u2019s FIT (Flattened Image Tree) signature verification code, most notably <strong>CVE-2026-46728<\/strong>\u00a0and several flaws tracked by <strong>Binarly<\/strong>\u00a0(BRLY-2026-037 through BRLY-2026-042). These vulnerabilities allow attackers to bypass firmware signature verification, execute arbitrary code during the boot process, and install persistent, stealthy malware on a wide range of embedded Linux devices. The flaws are especially dangerous because exploitation occurs before the operating system loads, making detection extremely difficult and enabling attackers to establish deep persistence. While there are currently no confirmed public reports of exploitation in the wild, the attack surface is significant and proof-of-concept code is available in public research.<\/p>\n<h2><strong>Technical Information<\/strong><\/h2>\n<p>The most critical vulnerability, <strong>CVE-2026-46728<\/strong>, affects <strong>U-Boot<\/strong>\u00a0versions prior to 2026.04. It allows a bypass of FIT (Flat Image Tree) signature verification due to the omission of the hashed-nodes field from the hash calculation. This origin validation error (CWE-346) enables attackers to craft malicious firmware images that are accepted as valid, even if unsigned or tampered with. The vulnerability has a CVSS 3.1 score of 8.2 (High), with a vector of AV:L\/AC:L\/PR:H\/UI:N\/S:C\/C:H\/I:H\/A:H, indicating high impact on confidentiality, integrity, and availability.<\/p>\n<p><strong>Binarly<\/strong>\u00a0has also disclosed related flaws under identifiers BRLY-2026-037 through BRLY-2026-042, which include memory corruption, out-of-bounds reads, null pointer dereference, improper validation of external firmware data, and unbounded recursion leading to stack exhaustion. These issues can result in device crashes or arbitrary code execution during the boot process.<\/p>\n<p>The attack surface includes enterprise servers (especially those with <strong>BMCs<\/strong>), networking equipment, industrial systems, IoT devices, and other appliances using <strong>U-Boot<\/strong>. Attackers can exploit these&#8230;<\/p>\n<p><a href=\"https:\/\/www.rescana.com\/post\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firm\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Critical U-Boot FIT Signature Verification Vulnerabilities (CVE-2026-46728) Expose Embedded Linux Devices to Stealthy Firmware Attacks&#8230;<\/p>\n","protected":false},"author":1,"featured_media":288567,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.rescana.com\/post\/img\/critical-u-boot-fit-signature-verification-vulnerabilities-cve-2026-46728-expose-embedded-linux-devices-to-stealthy-firm-cover.png","fifu_image_alt":"","footnotes":""},"categories":[48],"tags":[90,31,71,32,27],"class_list":["post-288566","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-linux","tag-cve","tag-exploit","tag-linux","tag-malware","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/288566"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=288566"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/288566\/revisions"}],"predecessor-version":[{"id":288568,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/288566\/revisions\/288568"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/288567"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=288566"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=288566"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=288566"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}