CVE-2025-23117

NVD	https://nvd.nist.gov/vuln/detail/CVE-2025-23117
CWE	https://cwe.mitre.org/data/definitions/346.html

An Insufficient Firmware Update Validation vulnerability could allow an authenticated malicious actor with access to UniFi Protect Cameras adjacent network to make unsupported changes to the camera system.

Weakness

The product does not properly verify that the source of data or communication is valid.

https://cwe.mitre.org/data/definitions/111.html
https://cwe.mitre.org/data/definitions/141.html
https://cwe.mitre.org/data/definitions/142.html
https://cwe.mitre.org/data/definitions/160.html
https://cwe.mitre.org/data/definitions/21.html
https://cwe.mitre.org/data/definitions/384.html
https://cwe.mitre.org/data/definitions/385.html
https://cwe.mitre.org/data/definitions/386.html
https://cwe.mitre.org/data/definitions/387.html
https://cwe.mitre.org/data/definitions/388.html
https://cwe.mitre.org/data/definitions/510.html
https://cwe.mitre.org/data/definitions/59.html
https://cwe.mitre.org/data/definitions/60.html
https://cwe.mitre.org/data/definitions/75.html
https://cwe.mitre.org/data/definitions/76.html
https://cwe.mitre.org/data/definitions/89.html

References

https://community.ui.com/releases/Security-Advisory-Bulletin-046-046/9649ea8f-93db-4713-a875-c3fd7614943f

Origin Validation Error

Weakness

Related Attack Patterns

References