Improper Certificate Validation in UniFi Protect Cameras by Ubiquiti
CVE-2025-23118

6.4MEDIUM

Key Information:

Vendor: Ubiquiti Inc
Status: Unifi Protect Cameras
Vendor: CVE Published:; 1 March 2025

🔔 Create Ubiquiti Inc Vulnerability Alert

What is CVE-2025-23118?

An improper certificate validation vulnerability in Ubiquiti's UniFi Protect Cameras may allow an authenticated attacker within the adjacent network to implement unauthorized modifications to the camera system. This can lead to potential exploit scenarios that compromise the security integrity of the surveillance system and its configurations.

Affected Version(s)

UniFi Protect Cameras 4.74.106

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.0

Score:

6.4

Severity:

MEDIUM

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

High

Privileges Required:

High

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 1, 2025
Vulnerability Reserved
Jan 11, 2025