CVE-2025-23118

MEDIUM

UniFi Protect < - Privilege Escalation

Title source: llm

Description

An Improper Certificate Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.

References (1)

[Release Notes] https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f

Scores

CVSS v3 6.4

EPSS 0.0007

EPSS Percentile 21.8%

Attack Vector ADJACENT_NETWORK

CVSS:3.0/AV:A/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment

Exploitation none

Automatable no

Technical Impact total

Details

CWE

CWE-295

Status published

Products (1)

Ubiquiti Inc/UniFi Protect Cameras 4.74.106

Published Mar 01, 2025

Tracked Since Feb 18, 2026