Ubiquiti security advisory (AV26-258)
Analysis Summary
# Vulnerability: Ubiquiti UniFi Network Application Critical Improper Access Control
## CVE Details
- **CVE ID:** CVE-2026-28163 (Internal reference: Security Advisory Bulletin 062)
- **CVSS Score:** 9.8 (Critical)
- **CWE:** CWE-284 (Improper Access Control)
## Affected Systems
- **Products:** UniFi Network Application (Software and Console-based)
- **Versions:**
  - Version 9.0.114 and prior
  - Version 10.1.85 and prior
  - Version 10.2.93 and prior
- **Configurations:** Systems running the Network Application without the latest security patches.
## Vulnerability Description
The UniFi Network application is vulnerable to an improper access control flaw. This vulnerability allows an unauthenticated remote attacker to bypass security restrictions by sending a specially crafted request to the application. This can lead to unauthorized access to the management interface, potentially allowing for administrative-level actions without legitimate credentials.
## Exploitation
- **Status:** Not currently reported as exploited in the wild (as of advisory date).
- **Complexity:** Low
- **Attack Vector:** Network (Remote)
## Impact
- **Confidentiality:** High (Potential access to network configuration and client data)
- **Integrity:** High (Ability to modify network settings and device configurations)
- **Availability:** High (Potential to disrupt network services or lock out legitimate administrators)
## Remediation
### Patches
Ubiquiti recommends updating to the following versions or newer:
- **UniFi Network Application 9.0.115**
- **UniFi Network Application 10.1.86**
- **UniFi Network Application 10.2.94**
### Workarounds
- No specific workarounds are provided; immediate patching is highly recommended due to the "Critical" severity rating.
- Restrict access to the UniFi management interface to trusted IP addresses/VPNs to reduce the attack surface.
## Detection
- **Indicators of Compromise:** Monitor audit logs for unusual administrative logins or configuration changes originating from unknown IP addresses.
- **Detection methods and tools:** Check the installed version of the UniFi Network Application via the "Settings" > "About" section of the web interface, or from the host operating system where the application is installed, and compare it against the affected and fixed versions listed above.
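The version check above is easy to get wrong when three release branches each have their own fixed build, since a plain "is this older than 10.2.94" comparison would mark a patched 9.0.115 as vulnerable. The following is an added example, not a Ubiquiti tool and not part of the advisory, that compares version strings against the affected/fixed pairs stated in this bulletin. It assumes the version reported in "Settings" > "About" is three dotted integers, optionally followed by a build suffix (an assumption; strip or adapt if your console reports a different form), and it deliberately reports branches the advisory does not name as "not-listed" rather than guessing.

```python
import re

# Fixed (first non-affected) build per release branch, taken from the advisory:
# 9.0.x is fixed in 9.0.115, 10.1.x in 10.1.86, 10.2.x in 10.2.94.
FIXED_BY_BRANCH = {
    (9, 0): (9, 0, 115),
    (10, 1): (10, 1, 86),
    (10, 2): (10, 2, 94),
}

# Leading "major.minor.patch"; anything after (e.g. "-1", "+build") is ignored.
# The optional suffix form is an assumption about how consoles may report versions.
_VERSION_RE = re.compile(r"^\s*v?(\d+)\.(\d+)\.(\d+)")


def parse_version(text):
    """Return (major, minor, patch) from a version string, or raise ValueError."""
    match = _VERSION_RE.match(text)
    if match is None:
        raise ValueError(f"unrecognised version string: {text!r}")
    return tuple(int(part) for part in match.groups())


def assess(version_text):
    """Classify one installed version as 'affected', 'patched' or 'not-listed'.

    Comparison is done within the release branch (major.minor), because each
    branch has its own fixed build and cross-branch comparison is meaningless.
    """
    version = parse_version(version_text)
    fixed = FIXED_BY_BRANCH.get(version[:2])
    if fixed is None:
        # Branch not covered by the advisory: hand to a human rather than assume safe.
        return "not-listed"
    return "affected" if version < fixed else "patched"


def triage(inventory):
    """Map hostname -> status for an iterable of (hostname, version_string) pairs.

    Unparseable versions are reported as 'unparseable' so they surface in the
    output instead of being silently skipped.
    """
    result = {}
    for host, version_text in inventory:
        try:
            result[host] = assess(version_text)
        except ValueError:
            result[host] = "unparseable"
    return result


if __name__ == "__main__":
    # Constructed sample inventory (hostnames and versions are made up).
    sample = [
        ("unifi-hq", "10.2.93"),
        ("unifi-branch-a", "10.2.94"),
        ("unifi-branch-b", "9.0.114"),
        ("unifi-lab", "10.0.12"),
        ("unifi-old", "n/a"),
    ]
    for host, status in triage(sample).items():
        print(f"{host}: {status}")
```

Feed `triage()` with hostname/version pairs exported from your asset inventory; anything reported as "affected", "not-listed" or "unparseable" needs follow-up, and only "patched" hosts can be dropped from the list.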
## References
- Ubiquiti security advisory: hxxps[://]community[.]ui[.]com/releases/Security-Advisory-Bulletin-062-062/c29719c0-405e-4d4a-8f26-e343e99f931b
- Canadian Centre for Cyber Security Bulletin: hxxps[://]www[.]cyber[.]gc[.]ca/en/alerts-advisories/ubiquiti-security-advisory-av26-258