Improper Certificate Validation in UniFi Protect Cameras by Ubiquiti
CVE-2025-23118

6.4MEDIUM

Key Information:

Vendor
Ubiquiti Inc
Status
Unifi Protect Cameras
Vendor
CVE Published:
1 March 2025

Summary

An improper certificate validation vulnerability in Ubiquiti's UniFi Protect Cameras may allow an authenticated attacker within the adjacent network to implement unauthorized modifications to the camera system. This can lead to potential exploit scenarios that compromise the security integrity of the surveillance system and its configurations.

Affected Version(s)

UniFi Protect Cameras 4.74.106

References

CVSS V3.0

Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.