Is Ubiquiti affected by CVE-2026-22564?

Ubiquiti UniFi Play PowerAmp and Audio Port devices contain a critical remote authentication bypass (CVE-2026-22564) that allows unauthenticated network attackers to enable SSH and assume complete system control.

CVE-2026-22564

EUVD-2026-22093 CRITICAL

2026-04-13 hackerone

GHSA-h9r9-rwmc-3wm5

Authentication Bypass Ubiquiti

9.8

CVSS 3.1

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack Vector

Network

Attack Complexity

Low

Privileges Required

None

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

High

Availability

High

Lifecycle Timeline

Re-analysis Queued

Apr 17, 2026 - 15:37 vuln.today

cvss_changed

Analysis Updated

Apr 16, 2026 - 05:44 EUVD-patch-fix

executive_summary

Re-analysis Queued

Apr 16, 2026 - 05:29 backfill_euvd_patch

patch_released

patch_available

Apr 16, 2026 - 05:29 EUVD

1.0.38,1.1.9

Analysis Generated

Apr 15, 2026 - 12:36 vuln.today

DescriptionNVD

An Improper Access Control vulnerability could allow a malicious actor with access to the UniFi Play network to enable SSH to make unauthorized changes to the system.

Affected Products: UniFi Play PowerAmp (Version 1.0.35 and earlier) UniFi Play Audio Port (Version 1.0.24 and earlier)

Mitigation: Update UniFi Play PowerAmp to Version 1.0.38 or later Update UniFi Play Audio Port to Version 1.1.9 or later

AnalysisAI

Remote unauthenticated attackers can enable SSH and gain complete system control on Ubiquiti UniFi Play PowerAmp (≤1.0.35) and UniFi Play Audio Port (≤1.0.24) devices via improper access control. The vulnerability bypasses authentication mechanisms, allowing network-accessible adversaries to modify system configurations with critical impact across confidentiality, integrity, and availability (CVSS 9.8). …

RemediationAI

Within 24 hours: Inventory all Ubiquiti UniFi Play PowerAmp (≤1.0.35) and UniFi Play Audio Port (≤1.0.24) devices in your environment and isolate from untrusted networks. Within 7 days: Apply vendor patch to affected devices and verify SSH is disabled post-patching. …

Analysis

Detailed AI-generated intelligence summary covering attack vector, impact assessment, affected versions, remediation steps, and indicators of compromise.

POChttps://••••••••••.com/exploit

PATCHhttps://••••••••••.com/patch

ADVISORYhttps://••••••••••.com/advisory

Full analysis requires sign-in

Get intelligence summaries, risk assessment, exploit details, threat intel, and remediation guidance.

CVE-2026-22564 vulnerability details – vuln.today

Back

CVE-2026-22564

CVSS VectorNVD

Lifecycle Timeline

DescriptionNVD

AnalysisAI

RemediationAI

Full analysis requires sign-in

Share

External POC / Exploit Code