CVE-2025-23123

Summary

A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware.

Affected Software

VendorProductVersion RangeStatus
Ubiquiti IncUniFi Protect Cameras4.75.62 < 4.75.62affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References