Improper Certificate Validation in UniFi Protect Cameras by Ubiquiti
CVE-2025-23118
6.4MEDIUM
Key Information:
- Vendor
- Ubiquiti Inc
- Status
- Unifi Protect Cameras
- Vendor
- CVE Published:
- 1 March 2025
Summary
An improper certificate validation vulnerability in Ubiquiti's UniFi Protect Cameras may allow an authenticated attacker within the adjacent network to implement unauthorized modifications to the camera system. This can lead to potential exploit scenarios that compromise the security integrity of the surveillance system and its configurations.
Affected Version(s)
UniFi Protect Cameras 4.74.106
References
CVSS V3.0
Score:
6.4
Severity:
MEDIUM
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Adjacent Network
Attack Complexity:
High
Privileges Required:
High
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved