Authentication Bypass in UniFi Protect Application for Auto-Adopt Bridge Devices
CVE-2025-23116

9.6CRITICAL

Key Information:

Vendor

Ubiquiti Inc

Status
Unifi Protect Application
Vendor
CVE Published:
1 March 2025

Badges

๐Ÿ‘พ Exploit Exists๐Ÿ“ฐ News Worthy

What is CVE-2025-23116?

The UniFi Protect Application is vulnerable to an Authentication Bypass, particularly when Auto-Adopt Bridge Devices are enabled. This flaw may allow malicious actors with access to the adjacent network of UniFi Protect Cameras to gain unauthorized control over these devices, which can lead to significant security risks to the affected systems. Users of the UniFi Protect Application are advised to review security practices and mitigate potential risks associated with this vulnerability.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

UniFi Protect Application 5.2.49

News Articles

favicon imageGBHackers News

Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks

The vulnerabilities, discovered during the Pwn2Own 2025 hacking competition, affect UniFi Protect Cameras.

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.0

Score:
9.6
Severity:
CRITICAL
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Changed

Timeline

  • Vulnerability published

  • ๐Ÿ‘พ

    Exploit known to exist

  • ๐Ÿ“ฐ

    First article discovered by GBHackers News

  • Vulnerability Reserved

JSON
.