Important news for UniFi network hardware users! An integer overflow vulnerability discovered in all UniFi Access Points and Switches (excluding the Switch Flex Mini) with SNMP Monitoring and default settings enabled could allow Remote Code Execution (RCE) and demands immediate action. Protect your network: upgrade firmware promptly to mitigate the risk. Safeguard against potential exploits and ensure uninterrupted connectivity.
The following is via the UniFi Forum.
Overview
Published: Aug 9, 2023
Version: 1.1 Revision: 1.1
Summary 1 of 2
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.50 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update the UniFi Switches to Version 6.5.59 or later.
Impact:
CVSS v3.0 Severity and Metrics:
Base Score: 9.0 Critical
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE: CVE-2023-35085 (Mathew Marcus)
Summary 2 of 2
A command injection vulnerability in the DHCP Client function of all UniFi Access Points and Switches, excluding the Switch Flex Mini, could allow a Remote Code Execution (RCE).
Affected Products:
All UniFi Access Points (Version 6.5.53 and earlier)
All UniFi Switches (Version 6.5.32 and earlier)
USW Flex Mini excluded.
Mitigation:
Update UniFi Access Points to Version 6.5.62 or later.
Update UniFi Switches to Version 6.5.59 or later.
Impact:
CVSS v3.0 Severity and Metrics:
Base Score: 8.3 High
Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
CVE: CVE-2023-38034 (Mathew Marcus)
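The two summaries give different affected ranges for Access Points (6.5.50 versus 6.5.53) and a fixed version above both, so a fleet check has to handle the gap between them. The following added example (not part of the advisory and not Ubiquiti code) triages an inventory against the version bounds stated above; the inventory field names, the device names and the handling of a trailing build suffix are assumptions.

```python
import re

# Version bounds copied from the advisory text above ("and earlier" = inclusive).
AFFECTED_MAX = {
    "CVE-2023-35085": {"ap": (6, 5, 50), "switch": (6, 5, 32)},
    "CVE-2023-38034": {"ap": (6, 5, 53), "switch": (6, 5, 32)},
}
FIXED_MIN = {"ap": (6, 5, 62), "switch": (6, 5, 59)}
EXCLUDED_MODELS = {"usw flex mini", "switch flex mini"}

def parse_version(text):
    """Return (major, minor, patch); a trailing build suffix is ignored (assumption)."""
    m = re.match(r"\s*v?(\d+)\.(\d+)\.(\d+)", text)
    if not m:
        raise ValueError(f"unrecognised firmware version: {text!r}")
    return tuple(int(part) for part in m.groups())

def triage(device):
    """Classify one inventory record as (status, [CVE ids]).

    The SNMP precondition of CVE-2023-35085 is not modelled: the check is by
    firmware version only, so it errs on the side of flagging.
    """
    if device["model"].strip().lower() in EXCLUDED_MODELS:
        return ("excluded", [])
    kind = device["kind"]
    if kind not in FIXED_MIN:
        return ("unknown-kind", [])
    try:
        version = parse_version(device["firmware"])
    except ValueError:
        return ("unparsed", [])  # needs a manual look, never silently "ok"
    cves = sorted(c for c, bound in AFFECTED_MAX.items() if version <= bound[kind])
    if cves:
        return ("affected", cves)
    if version < FIXED_MIN[kind]:
        return ("below-fixed", [])  # in the gap between affected and fixed lists
    return ("ok", [])

# Constructed sample inventory; names, models and field layout are hypothetical.
INVENTORY = [
    {"name": "ap-lobby", "kind": "ap", "model": "example-ap", "firmware": "6.5.28"},
    {"name": "ap-lab", "kind": "ap", "model": "example-ap", "firmware": "6.5.53"},
    {"name": "ap-roof", "kind": "ap", "model": "example-ap", "firmware": "6.5.55"},
    {"name": "ap-hq", "kind": "ap", "model": "example-ap", "firmware": "6.5.62"},
    {"name": "sw-core", "kind": "switch", "model": "example-switch", "firmware": "6.5.32"},
    {"name": "sw-desk", "kind": "switch", "model": "USW Flex Mini", "firmware": "2.0.0"},
]
if __name__ == "__main__":
    for dev in INVENTORY:
        status, cves = triage(dev)
        print(f"{dev['name']:<9} {dev['firmware']:<8} {status:<12} {', '.join(cves)}")
```

Devices reported as "below-fixed" are not in either affected list but are still older than the versions the Mitigation sections name, so they belong in the same upgrade batch.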
Reference Links:
https://community.ui.com/releases/UniFi-Access-Point-6-5-64/d8a0725c-a12b-44b2-bce3-e540602ecb81
https://community.ui.com/releases/UniFi-Access-Point-6-5-62/5f88c727-f812-4be7-9560-5f5d22a824d8
https://community.ui.com/releases/UniFi-Switch-6-5-59/124a0554-6d46-4c51-baba-efb99e330099
Read more via UniFi community forum: https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56