Summary
Ubiquiti patched five vulnerabilities in UniFi OS and UID Enterprise Agent, including three critical command injection and privilege escalation flaws with CVSS scores of 9.9. These vulnerabilities allow attackers with network access to take full control of networking hardware or steal sensitive data.
Take Action:
Make sure all your UniFi OS devices and UID Enterprise Agents are isolated from the internet and reachable only from trusted networks. Prioritize fixing any devices that are currently internet-facing. Then update everything to the fixed versions right away: UID Enterprise Agent 1.61.4, UniFi OS 5.1.15 (or 5.1.16 for UNAS storage appliances), and Express 4.0.15.
Read the full article on BeyondMachines
This article was originally published on BeyondMachines
Top comments (0)