CyberAlerts is shutting down on June 30th, 2025. Thank you for your support!

CVE-2025-23117: An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent...

Description

An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.

Classification

CVE ID: CVE-2025-23117

Affected Products

Vendor: Ubiquiti Inc

Product: UniFi Protect Cameras

Exploit Prediction Scoring System (EPSS)

EPSS Score: 0.01% (probability of being exploited)

EPSS Percentile: 0.3% (scored less or equal to compared to others)

EPSS Date: 2025-03-29 (when was this score calculated)

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23117
https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f

Timeline