Can Remote Hacks Compromise Your UniFi Protect Camera System?

Article Highlights
Off On

Protecting your home and business with surveillance cameras is a common practice, but the vulnerability of these systems to remote hacks raises serious concerns. Recently, Ubiquiti Networks issued an urgent security advisory regarding several critical vulnerabilities in its UniFi Protect camera ecosystem. These issues, including remote code execution (RCE), have exposed significant weaknesses that could allow hackers to gain unauthorized access and control over camera systems. With the threats discovered by Trend Micro’s Zero Day Initiative (ZDI) during the 2025 Pwn2Own Toronto hacking competition, it is crucial to understand the impact and steps needed to safeguard these devices.

Critical Vulnerabilities

The primary vulnerabilities identified within the UniFi Protect system encompass both firmware and the management application. Two of the most severe vulnerabilities could enable complete device takeover through unauthorized network-adjacent attacks. Specifically, CVE-2025-23115 and CVE-2025-23116 pose grave threats due to their high severity scores. CVE-2025-23115 is a memory corruption issue existing in firmware versions ≤4.74.88, which allows attackers to execute arbitrary code via specially crafted network packets. This flaw arises from improper handling of RTSP stream metadata buffers leading to retained invalidated pointers after memory reallocation. When exploited successfully, attackers can achieve root-level command execution on the camera’s Linux-based system.

Meanwhile, CVE-2025-23116 is associated with an authentication bypass vulnerability through the Auto-Adopt Bridge feature, found in UniFi Protect Application versions ≤5.2.46. Attackers exploiting this can forge adoption requests using default device certificates due to the protect-adoptd service failing to validate TLS client certificates during the device provisioning sequence. These two vulnerabilities significantly elevate risks by granting attackers unauthorized command execution and bridging into protected networks.

Medium-Severity Vulnerabilities

Aside from the high-severity issues, there are other notable vulnerabilities adding to the threat landscape. CVE-2025-23117 involves a firmware validation bypass caused by the use of a static AES-128-CBC key during the firmware update process. The firmware validation flaw—fixed in version 4.74.106—previously permitted attackers to sideload modified firmware images. The introduction of per-device key derivation using HKDF-SHA256 is a countermeasure to this vulnerability.

Similarly, CVE-2025-23118 identifies a flaw in certificate validation within the UniFi Protect web interface, using the nginx web server. Improper validation of Let’s Encrypt certificates allowed Man-in-the-Middle (MITM) attacks. The fix, incorporating certificate transparency logs and OCSP stapling, aims to fortify against such interception attempts. Another medium-severity vulnerability, CVE-2025-23119, highlights how the camera’s syslog service improperly sanitized ANSI escape sequences in log messages, leading to potential terminal emulator escape attacks. A regex filter implementation has been applied to mitigate this issue.

Mitigation and Recommendations

The discovery of these vulnerabilities impacting over 1.2 million deployed UniFi Protect devices signifies the urgency of implementing robust security measures. Ubiquiti has provided specific recommendations for instant mitigation, which include updating camera firmware to version 4.74.106 or higher and upgrading the UniFi Protect Application to version 5.2.49 or beyond. Disabling the Auto-Adopt Bridge feature, if it is not being used, and incorporating network segmentation for camera VLANs can also help minimize exposure.

Security teams should vigilantly monitor indicators of compromise (IoCs) such as unusual outbound connections on TCP/443 to unknown autonomous systems, the spawning of the ubntstreamd process to /bin/sh, and any modification of /etc/passwd indicating the addition of new UID 0 accounts. These steps collectively reduce the risk of potential exploitation and enhance overall cybersecurity posture.

Future Considerations

The identified vulnerabilities pose severe risks, as they can be exploited by attackers to infiltrate and manipulate the surveillance systems. Consequently, understanding the impact and taking appropriate measures to protect these devices is essential. Regularly updating firmware, implementing strong passwords, and using network security protocols can help mitigate some of these threats. With the growing reliance on surveillance technology, ensuring its security is crucial for safeguarding both personal and business interests.

Explore more

Revolutionizing SaaS with Customer Experience Automation

Imagine a SaaS company struggling to keep up with a flood of customer inquiries, losing valuable clients due to delayed responses, and grappling with the challenge of personalizing interactions at scale. This scenario is all too common in today’s fast-paced digital landscape, where customer expectations for speed and tailored service are higher than ever, pushing businesses to adopt innovative solutions.

Trend Analysis: AI Personalization in Healthcare

Imagine a world where every patient interaction feels as though the healthcare system knows them personally—down to their favorite sports team or specific health needs—transforming a routine call into a moment of genuine connection that resonates deeply. This is no longer a distant dream but a reality shaped by artificial intelligence (AI) personalization in healthcare. As patient expectations soar for

Trend Analysis: Digital Banking Global Expansion

Imagine a world where accessing financial services is as simple as a tap on a smartphone, regardless of where someone lives or their economic background—digital banking is making this vision a reality at an unprecedented pace, disrupting traditional financial systems by prioritizing accessibility, efficiency, and innovation. This transformative force is reshaping how millions manage their money. In today’s tech-driven landscape,

Trend Analysis: AI-Driven Data Intelligence Solutions

In an era where data floods every corner of business operations, the ability to transform raw, chaotic information into actionable intelligence stands as a defining competitive edge for enterprises across industries. Artificial Intelligence (AI) has emerged as a revolutionary force, not merely processing data but redefining how businesses strategize, innovate, and respond to market shifts in real time. This analysis

What’s New and Timeless in B2B Marketing Strategies?

Imagine a world where every business decision hinges on a single click, yet the underlying reasons for that click have remained unchanged for decades, reflecting the enduring nature of human behavior in commerce. In B2B marketing, the landscape appears to evolve at breakneck speed with digital tools and data-driven tactics, but are these shifts as revolutionary as they seem? This