MCNC Logo
Our hearts go out to everyone affected by Hurricane Helene. Our team has been working endlessly to make sure these communities in Western North Carolina have the resources they need during this challenging time. If you're looking to help out those in need, there are many ways to do so. We have included those options here: Hurricane Helene
02.03.2022

Ubiquiti UniFi Security Advisory

Alert
  • facebook share link
  • twitter share link
  • linkedin share link
  • mail share link

Date of Notice: 02/3/2022

Action Level - Critical

Description

Following the release of the widespread Log4J vulnerability (CVE-2021-44228) in December, security researchers have now observed an exploit in the wild targeting vulnerable Ubiquiti UniFi devices. This exploit could allow a remote attacker to execute code and make changes to your network configuration. A fix for this vulnerability was released in December, and this attack is only effective against non-updated devices. We recommend verifying patch levels of all Ubiquiti devices on your network and patching out of date devices as soon as possible.

Affected Devices

  • Ubiquiti Unifi Network 6.5.53 and earlier

Mitigation

  • In addition to patching, Ubiquiti also recommends disabling external access to these devices if currently enabled.

Remediation

  • Update to Unifi Network 6.5.54 or later

Vendor Resources

Ubiquiti Security Advisory

<-- Return to Cybersecurity Alerts...

MCNC
PO Box 12889
3021 East Cornwallis Road
RTP, NC 27709-2889
919-248-1900 Phone | 919-248-1101 Fax
Connect With Us
  • linkedin
  • instagram
  • x
  • facebook
  • youtube
© 2024 MCNC