Ubiquiti has released updates to fix several critical security vulnerabilities affecting its UniFi product line, including Connect, Talk, Access, Protect, and OS. These vulnerabilities, if exploited, could lead to privilege escalation and arbitrary command execution on affected systems.
Details of the Security Vulnerabilities
The critical vulnerabilities include CVE-2026-50746, an improper access control issue in the UniFi Connect Application, allowing network-accessible attackers to perform command injections. This flaw affects versions up to 3.4.16 and is resolved in version 3.4.20.
Another significant flaw, CVE-2026-50747, involves a series of authenticated SQL injection vulnerabilities in UniFi Talk, potentially leading to privilege escalation. This issue is present in versions 5.1.2 and earlier, with a fix available in version 5.2.2.
Additional Vulnerabilities and Fixes
Further vulnerabilities include CVE-2026-50748 and CVE-2026-54400 in UniFi Access, affecting versions 4.2.28 and earlier. These could allow for command injections and privilege escalation, respectively, and have been patched in version 4.2.29.
In UniFi Protect, CVE-2026-55115, a Server-Side Request Forgery (SSRF) vulnerability, could be used by attackers with low privileges to gain elevated access. This has been addressed in version 7.1.83. Additionally, two issues in UniFi OS, CVE-2026-54402 and CVE-2026-55116, have been patched in version 5.1.19.
Implications and Past Exploitations
While there are no indications that these specific vulnerabilities have been exploited in the wild, previous vulnerabilities in UniFi OS were reportedly used in real-world attacks, as noted by the U.S. Cybersecurity and Infrastructure Security Agency (CISA). This highlights the importance of timely updates.
Moreover, Russian state-sponsored actors have been linked to the use of compromised Ubiquiti Edge OS routers in a botnet operation known as MooBot, which was dismantled in a 2024 enforcement action.
Ubiquiti’s prompt response in addressing these vulnerabilities underscores the critical need for users to apply updates to maintain network security and protect against potential threats.
