Ubiquiti Networks

Ubiquiti Networks, a major provider of networking and wireless infrastructure equipment, has a high-severity vulnerability (CVSS 8.0) that requires local network access and user authentication but can result in complete compromise of confidentiality, integrity, and availability. The vulnerability was discovered by Sina Kheirkhah and reported on March 4, 2025, with a vendor patch deadline of July 2, 2025. Security teams should prioritize monitoring for exploitation attempts against Ubiquiti devices on their networks and prepare for patching once the fix becomes available.