Ubiquiti UniFi Protect: Infiltration of malicious code possible

The manufacturer closes two security gaps in Ubiquiti UniFi Protect. Among other things, attackers can inject and execute malicious code.


Two security vulnerabilities have been discovered in Ubiquiti UniFi Protect. One is classified as critical and allows the injection and execution of malicious code. The manufacturer has released updated software, which users should download and install as soon as possible.

Ubiquiti describes the vulnerabilities in a security release. Malicious actors with access to the management network can trigger a heap-based buffer overflow in UniFi Protect cameras with firmware 4.75.43 and earlier and thereby inject and execute arbitrary code (CVE-2025-23123, CVSS 10.0, risk "critical"). A CVSS base score of 10.0 means the flaw is reachable over the network without authentication or user interaction and gives the attacker complete control of the device; in practice, the attacker still has to reach the camera's management network, which is one more reason never to expose that network to untrusted clients. Botnet operators such as those behind Mirai like to exploit such vulnerabilities to permanently anchor their malware in networks.

An incorrectly configured access token mechanism in the UniFi Protect application in version 5.3.41 and earlier could still grant recipients of "Share Livestream" links access to the livestream, even after the link has been deactivated in the app (CVE-2025-23164, CVSS 4.4, risk "medium"). In other words, revoking the share in the app did not reliably revoke the token that the link carries.
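To make the failure mode concrete, here is an added example (not Ubiquiti's code, and not derived from the advisory, which gives no implementation details). It assumes a hypothetical share link that carries an HMAC-signed token: the weak verifier honours any token whose signature and expiry check out, so deactivating the share in the app changes nothing for tokens already handed out. The hardened verifier additionally binds the token to a server-side share record (active flag plus a generation counter) and refuses it once that record is deactivated or re-created. The secret key and share IDs are constructed for the example.

```python
"""Share-link tokens: stateless verification (weak) vs. binding to a revocable
server-side share record (hardened). Added example, hypothetical names."""
import base64
import hashlib
import hmac
import json

SECRET = b"demo-only-secret"  # constructed for the example; use a random key in practice


class ShareStore:
    """Server-side record of share links: an active flag and a generation counter.
    The generation counter makes sure a re-created share does not revive old tokens."""

    def __init__(self):
        self.shares = {}

    def create(self, share_id):
        gen = self.shares.get(share_id, {"gen": 0})["gen"] + 1
        self.shares[share_id] = {"active": True, "gen": gen}
        return gen

    def deactivate(self, share_id):
        self.shares[share_id]["active"] = False

    def is_live(self, share_id, gen):
        rec = self.shares.get(share_id)
        return rec is not None and rec["active"] and rec["gen"] == gen


def _sign(payload):
    return hmac.new(SECRET, payload, hashlib.sha256).hexdigest()


def issue_share_token(share_id, gen, ttl_s, now):
    """Build 'base64(payload).hexsig' with share id, generation and expiry."""
    payload = json.dumps({"share": share_id, "gen": gen, "exp": now + ttl_s}).encode()
    return base64.urlsafe_b64encode(payload).decode() + "." + _sign(payload)


def _verify(token, now):
    """Return the claims if signature and expiry are valid, else None."""
    try:
        body, sig = token.rsplit(".", 1)
        payload = base64.urlsafe_b64decode(body)
    except ValueError:  # malformed token (binascii.Error is a ValueError)
        return None
    if not hmac.compare_digest(_sign(payload), sig):
        return None
    claims = json.loads(payload)
    if claims["exp"] <= now:
        return None
    return claims


def livestream_allowed_weak(token, now):
    """Bug class: the check is stateless, so a deactivated share keeps working
    until the token expires."""
    return _verify(token, now) is not None


def livestream_allowed_fixed(token, now, store):
    """Hardened: the token must also point at a currently active share record
    of the same generation."""
    claims = _verify(token, now)
    return claims is not None and store.is_live(claims["share"], claims["gen"])


def demo():
    """Walk through: share, deactivate, re-share; returns the two verdicts after deactivation."""
    store = ShareStore()
    gen = store.create("cam-1")
    token = issue_share_token("cam-1", gen, ttl_s=3600, now=1000.0)
    store.deactivate("cam-1")
    return livestream_allowed_weak(token, 1500.0), livestream_allowed_fixed(token, 1500.0, store)


if __name__ == "__main__":
    print("after deactivation (weak, fixed):", demo())
```

The point of the generation counter is the caveat an admin would care about: deleting a share and creating a new one for the same camera must not reactivate links that were handed out before. Signature checks alone cannot express "this link was revoked"; that state has to live on the server and be consulted on every request.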

There is no further information on exactly what the vulnerabilities look like or how attackers can exploit them. Ubiquiti also does not say how those affected could recognize attempted attacks, nor whether the gaps are already being attacked in the wild. However, as one of the vulnerabilities carries the highest rating of "critical", admins should download and apply the updates as soon as possible.


The updated firmware for UniFi Protect cameras, version 4.75.62, is available from Ubiquiti on its website. However, the manufacturer does not mention that the update fixes a critical vulnerability. The bug-fixed UniFi Protect application 5.3.45 is also available, but here, too, Ubiquiti does not mention that the update is security-relevant.

Last October, Ubiquiti patched a high-risk security vulnerability in the UniFi Network Server that allowed attackers to escalate their privileges on on-premises installations.

(dmk)


This article was originally published in German. It was translated with technical assistance and editorially reviewed before publication.