CVE Catalog

CVE-2026-54409

HighCVSS 7.5
Published: Updated: Translated: NVD NIST

Summary

A vulnerability in the UniFi Protect Application allows an attacker with network access, under certain conditions, to bypass authentication in UniFi Protect Cameras due to improper initialization.

Risk Assessment

An attacker can gain unauthorized access to cameras, compromising the confidentiality and integrity of monitored footage and potentially enabling further network attacks.

Recommendation

Immediately update the UniFi Protect Application to the latest version provided by the vendor and restrict trusted network access to the system.

Original NVD description (English source)

A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS