
UniFi Protect EUVD-2026-41382

CVE-2026-54409 HIGH
Improper Initialization (CWE-665)
2026-07-02 hackerone GHSA-5wch-8p23-hj3x
7.5 (CVSS 3.1 · Vendor: hackerone)

Severity by source

Vendor (hackerone), primary source: 7.5 HIGH
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

vuln.today AI: 7.1 HIGH

Network-reachable and unauthenticated (AV:N/PR:N) but gated by specific conditions and a user action (AC:H/UI:R); camera access gives high confidentiality and integrity impact, with availability rated only limited (A:L).

CVSS 3.1: AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:L
CVSS 4.0: AV:N/AC:H/AT:P/PR:N/UI:P/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N

Primary rating from Vendor (hackerone).

CVSS Vector (Vendor: hackerone)

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Attack Vector: Network
Attack Complexity: High
Privileges Required: None
User Interaction: Required
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Lifecycle Timeline

Patch available: Jul 02, 2026 - 16:17 (EUVD)
Analysis generated: Jul 02, 2026 - 15:36 (vuln.today)

Description (CVE.org)

A malicious actor with access to the network and under certain conditions could exploit an Improper Initialization vulnerability found in UniFi Protect Application to bypass authentication in UniFi Protect Cameras.

Analysis (AI)

Authentication bypass in Ubiquiti's UniFi Protect Application lets an attacker with network access gain unauthorized access to managed UniFi Protect Cameras by abusing an improper initialization flaw (CWE-665). The issue is remotely reachable but constrained - successful exploitation requires specific conditions and some user interaction - and no public exploit code had been identified at the time of analysis. …


Attack Chain (AI-derived)

Hypothetical attack flow derived from CVE metadata:

Access: gain network reach to the UniFi Protect app
Delivery: induce the required user interaction
Exploit: trigger the improper-initialization state
Execution: bypass the authentication check
Impact: access managed UniFi cameras and feeds

Vulnerability Assessment (AI)

Exploitation: Exploitation requires network access to the UniFi Protect Application (AV:N, described as 'access to the network') and does not require pre-existing credentials (PR:N); the flaw itself bypasses authentication. …
Risk Assessment: The signals point to a real but non-emergency risk rather than mass exploitation. …
Exploit Scenario: An attacker who can reach the UniFi Protect application on the network waits for or induces the specific conditions and user interaction the flaw requires, then leverages the improperly initialized authentication state to slip past login and reach the managed cameras. Once past authentication they can view live and recorded feeds and alter camera or Protect configuration. …
Remediation: A patch is available per the vendor advisory: apply the UniFi Protect Application update referenced in Ubiquiti Security Advisory Bulletin 066 (https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc). The data available here does not specify an exact fixed version, so confirm the target build from that bulletin before deploying. …

Recommended Action (AI)

Within 24 hours: Identify all Ubiquiti UniFi Protect deployments and document versions in use; restrict network access to management interfaces to trusted networks only; implement network-level filtering if possible. …



EUVD-2026-41382 vulnerability details – vuln.today
