CVE-2019-25651

Summary

Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesses that allow attackers to recover encryption keys from captured traffic. Attackers with adjacent network access can capture sufficient encrypted traffic and exploit AES-CBC mode vulnerabilities to derive the encryption keys, enabling unauthorized control and management of network devices.

Affected Software

VendorProductVersion RangeStatus
UbiquitiUniFi Network Controller0 < 5.6.42affected
UbiquitiUniFi Network Controller5.6.43 < 5.10.12affected
UbiquitiUniFi UAP Firmware0 < 4.0.6affected
UbiquitiUniFi UAP-AC Firmware0 < 3.8.17affected
UbiquitiUniFi USW Firmware0 < 4.0.6affected
UbiquitiUniFi USG Firmware0 < 4.4.34affected

Weaknesses

  • CWE-327: CWE-327 Use of a Broken or Risky Cryptographic Algorithm

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: total

References