Local Privilege Escalation Vulnerability in UniFi Network Application by Ubiquiti Networks
CVE-2024-42028

Currently unrated

Key Information:

Vendor: Ubiquiti Networks
Status: UniFi Network Application
Vendor: CVE Published:; 28 October 2024

🔔 Create Ubiquiti Networks Vulnerability Alert

What is CVE-2024-42028?

A local privilege escalation vulnerability exists in the Self-Hosted UniFi Network Server running the UniFi Network Application, specifically in versions 8.4.62 and earlier. This security flaw permits a malicious actor with local operating system access to execute commands or take actions that require higher privileges, potentially compromising the integrity and security of the network server. Remediation measures are critical to prevent unauthorized access and ensure the secure operation of the system.

References

https://community.ui.com/releases/Security-Advisory-Bulle...

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 28, 2024