
Vulnerability in UniFi Protect Cameras Allows for Remote Code Execution Attacks


Ubiquiti Networks is facing a major security threat as critical vulnerabilities have been discovered in its UniFi Protect camera ecosystem. These vulnerabilities, recently exposed during the Pwn2Own 2025 hacking competition, pose a significant risk to network infrastructure and device security.

The most alarming vulnerability identified is CVE-2025-23115, which has a CVSS score of 9.0, indicating a high severity level. This vulnerability enables attackers to exploit a memory corruption flaw in the camera firmware’s HTTP management interface, allowing them to execute arbitrary code. By sending specially crafted packets, attackers could gain full control of the device, making it a potential entry point for larger network infiltration.

Another critical vulnerability, CVE-2025-23116, with a CVSS score of 9.6, allows for an authentication bypass in the UniFi Protect Application when the Auto-Adopt Bridge Devices feature is enabled. This flaw exposes the system to adjacent network attackers who could adopt unauthorized cameras and manipulate their settings, posing a serious security risk.

Furthermore, CVE-2025-23119, with a CVSS score of 7.5, highlights improper neutralization of escape sequences in the camera’s command-line interface, paving the way for unauthenticated remote code execution through malicious API requests. These vulnerabilities, along with other identified flaws, such as insufficient firmware validation and improper certificate checks, open the door for potential attacks and breaches on the affected devices.

The exploitation scenarios associated with these vulnerabilities are concerning. If successfully exploited, compromised cameras could facilitate lateral movement within the network, surveillance hijacking, and even botnet recruitment. The risks presented by these vulnerabilities were demonstrated by researchers at Synacktiv and STEALIEN Inc. during the Pwn2Own competition, shedding light on the dangers of unpatched IoT devices within enterprise environments.

To address these critical security concerns, Ubiquiti has released patches in UniFi Protect Camera firmware v4.74.106 and UniFi Protect Application v5.2.49. Administrators are urged to immediately update all devices, disable unnecessary features like Auto-Adopt Bridge Devices, and segment camera traffic into isolated VLANs to minimize adjacent network access.
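The remediation steps above can be checked against a device inventory. The following is an added example, not code from Ubiquiti or from the original article: the inventory format, column names, sample rows and camera VLAN ID are constructed, and it assumes any version at or above the fixed releases named above carries the patch.

```python
import csv
import io

# Fixed versions named in the article; CAMERA_VLAN is an assumed isolated VLAN ID.
FIXED = {"camera": (4, 74, 106), "protect-app": (5, 2, 49)}
CAMERA_VLAN = 40

# Constructed inventory export; column names and rows are hypothetical.
SAMPLE_INVENTORY = """name,kind,version,auto_adopt_bridge,vlan
lobby-cam,camera,v4.74.106,,40
dock-cam,camera,4.73.71,,40
lab-cam,camera,4.9.200,,1
garage-cam,camera,unknown,,40
nvr-01,protect-app,5.2.46,enabled,1
nvr-02,protect-app,5.2.49,disabled,1
"""


def parse_version(text):
    """Turn 'v4.74.106' into (4, 74, 106); return None if not numeric."""
    parts = text.strip().lstrip("vV").split(".")
    if not all(p.isdigit() for p in parts):
        return None
    # Integer tuples compare numerically, so 4.9.200 sorts below 4.74.106.
    return tuple(int(p) for p in parts)


def audit(inventory_csv):
    """Return {device name: [findings]} for devices that need attention."""
    report = {}
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        findings = []
        fixed = FIXED.get(row["kind"])
        version = parse_version(row["version"])
        if fixed is None:
            findings.append("unknown device kind")
        elif version is None:
            findings.append("version unreadable, verify manually")
        elif version < fixed:
            findings.append("below fixed version " + ".".join(map(str, fixed)))
        if row["auto_adopt_bridge"] == "enabled":
            findings.append("Auto-Adopt Bridge Devices enabled")
        if row["kind"] == "camera" and row["vlan"] != str(CAMERA_VLAN):
            findings.append("camera outside isolated VLAN")
        if findings:
            report[row["name"]] = findings
    return report


if __name__ == "__main__":
    print(audit(SAMPLE_INVENTORY))
```

Devices whose version string cannot be parsed are reported for manual verification rather than treated as patched.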

Industry experts stress the importance of proactive security measures, urging users to monitor network traffic for anomalies, implement strict firewall rules, and regularly audit device logs for signs of compromise. These vulnerabilities underscore the need for robust IoT security practices, especially in devices that handle sensitive data like surveillance footage.

As Ubiquiti works towards rectifying these issues and rebuilding trust with its users, organizations are reminded of the critical importance of patch management and network segmentation. In a world where connected devices can themselves become points of compromise, maintaining a strong defense against cyber threats is paramount for safeguarding network infrastructure and data integrity.
