FeedVulnerabilityUbiquiti patches three max severity UniFi OS vulnerabilities...
VulnerabilityBleeping Computer
10.0CRITICAL

Ubiquiti patches three max severity UniFi OS vulnerabilities

📅 22 May 2026 at 12:00 UTC📰 Bleeping ComputerView original source ↗
Ubiquiti patches three max severity UniFi OS vulnerabilities

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in Unify OS that can be exploited by remote attackers without privileges. [...]

🤖 AI BriefingAuto-generated threat analysis
🔍Threat Overview

Ubiquiti has released security updates to patch three maximum severity vulnerabilities in Unify OS, which can be exploited by remote attackers without privileges. The vulnerabilities were reported through the HackerOne bug bounty program and are believed to have been exploited in low-complexity attacks.

⚙️Technical Details
CVEs
CVE-2026-34908CVE-2026-34909CVE-2026-34910CVE-2026-33000CVE-2026-34911Affected Systems: UniFi OS devices
Affected Systems
UniFi OS devices
Attack Vectors
NETWORK
💥Impact Assessment
Severity: CRITICAL
Who Is at Risk
Organizations with UniFi OS devices, including those in the United States and potentially other countries.
🛡️Recommended Actions
1Implement security updates as soon as possible
2Monitor network traffic for suspicious activity
3Conduct regular vulnerability scans to identify potential weaknesses
📦Affected Products
UniFi OS devices
🔐NVD Verified DataVERIFIED
CVE-2026-34908CVSS 10CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE-284
CVE-2026-34909CVSS 10CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE-22
CVE-2026-34910CVSS 10CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE-20
CVE-2026-33000CVSS 9.1CRITICAL
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Weaknesses
CWE-20
CVE-2026-34911CVSS 7.7HIGH
Attack Vector
NETWORK
Complexity
LOW
Vector String
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
Weaknesses
CWE-22

Read the full article

This is a curated summary. The complete article is available at Bleeping Computer.

Read on Bleeping Computer
← Back to feed