Ubiquiti Inc. UniFi Protect Application Vulnerability

In a cyber landscape replete with cybercrime and software weaknesses, and given the tech industry's generally lax approach to privacy, it has become more important than ever to foster a good general awareness of cybersecurity among all people. The worst cyber-risks to take into account include attack methods such as social engineering scams and, most notably, ransomware. Yet this does not discount the fact that many software weaknesses are reported daily and that they also wreak havoc. Such weaknesses can be exploited by cybercriminals, who are always circling and watching for unguarded holes and gaps where they can slither in, cause damage, compromise systems and data, and much more.

Speaking of security holes and gaps, the bulk of recent alerts and reports seems to come from vendors of hardware equipment. Well-established vendors of network equipment and other hardware products have been reporting vulnerabilities at a higher frequency than usual. Vulnerabilities in software that supports network equipment are especially worrying, as network equipment makes up the backbone of private, public, and enterprise business operations.

Ubiquiti Inc.

Regarding network equipment, yet another alarming vulnerability report surfaced on August 31st, 2021, concerning the UniFi Protect Application. Ubiquiti Inc. has had its fair share of controversy in the past (like run-ins with the government) as well as some hefty security issues including trojans and cloud breaches. The majority of the controversies and issues stem from the fact that Ubiquiti Inc. has worked a great deal with distributors and questionable third parties.

What is UniFi Protect?

The UniFi Protect Application manages several types of devices, such as cameras, access control, and video storage. UniFi Protect is supplied by networking company Ubiquiti Inc. Ubiquiti, established in 2003 and based in the U.S., provides wireless data communication as well as wired solutions for all types of networking. Ubiquiti makes upwards of $1 billion in revenue and provides a wide range of products that are sold under several brand names. According to the official Ubiquiti website, “UniFi Protect is Ubiquiti’s surveillance camera and video management system for UniFi cameras and security products.” The UniFi Protect software works with the Protect line of cameras and can manage them as well as other devices. With UniFi Protect, it is also possible to view camera streams and store recordings. Finally, the application allows adding ‘privacy zones’ to each configured camera, enabling smart detection and more. UniFi Protect functions in tandem with the UniFi OS Console hardware provided by Ubiquiti Inc.

The UniFi Protect Vulnerability

On August 31st, 2021, an entry for the UniFi Protect Application vulnerability was logged in the public CVE (Common Vulnerabilities and Exposures) database. The vulnerability may allow a remote attacker to elevate privileges and gain entry into the UniFi Protect Application by simply accessing the local network.

Technical Details

A vulnerability classified as problematic was found in the UniFi Protect Application affecting software versions up to 1.18.1. It is known to affect confidentiality, integrity, and availability. This vulnerability was registered as CVE-2021-22944. The exploitation appears to be easy, and access to the local network is required for this attack. The requirement for exploitation is a single authentication. An exploit is not available as of yet. UniFi Protect application V1.18.1 and earlier allow a malicious actor with a view-only role and network access to gain the same privileges as the owner of the UniFi Protect application. Security researchers have noted that this attack is not possible from the Remote Management (Cloud) and is only possible via LAN (Local Area Network).

Vulnerable Software Versions

The UniFi Protect application (hosted by UniFi OS Consoles) software versions V1.18.1 and earlier are affected by this vulnerability.

Important User Information

Users and customers should know that a security fix is available. The fixed version is version 1.19.0. Users should upgrade to the latest version immediately. The fix should be downloaded automatically by the system. Users can also refer to the UniFi Protect download page, visit the help center, or contact Ubiquiti via Facebook.
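
The version bounds above can be applied to a device inventory to find consoles that still need the upgrade. The following is an added example, not code from Ubiquiti or the original article; the inventory rows, host names and field names are constructed for illustration, and versions the article does not cover (anything between 1.18.1 and 1.19.0, pre-release builds, unreadable strings) are reported as "unknown" for a manual check.

```python
import re

# Bounds stated in the article: 1.18.1 and earlier affected, 1.19.0 fixed.
LAST_AFFECTED = (1, 18, 1)
FIRST_FIXED = (1, 19, 0)
_VERSION_RE = re.compile(r"^[vV]?(\d+)\.(\d+)\.(\d+)([-+.].*)?$")

def parse_version(text):
    """Return ((major, minor, patch), has_suffix) or None if unparseable."""
    m = _VERSION_RE.match(text.strip())
    if not m:
        return None
    return tuple(int(p) for p in m.group(1, 2, 3)), bool(m.group(4))

def classify(version_text):
    """Map a reported Protect version to 'affected', 'fixed' or 'unknown'."""
    parsed = parse_version(version_text)
    if parsed is None:
        return "unknown"
    numbers, has_suffix = parsed
    if numbers <= LAST_AFFECTED:          # numeric compare: 1.9.9 < 1.18.1
        return "affected"
    if numbers >= FIRST_FIXED and not has_suffix:
        return "fixed"
    return "unknown"                      # not covered by the article's bounds

# Constructed inventory; 'view_only_users' is a hypothetical field counting
# accounts with the view-only role, the precondition named in the article.
SAMPLE_INVENTORY = [
    {"host": "console-a", "protect_version": "1.18.1", "view_only_users": 4},
    {"host": "console-b", "protect_version": "v1.19.0", "view_only_users": 2},
    {"host": "console-c", "protect_version": "1.17.3", "view_only_users": 0},
    {"host": "console-d", "protect_version": "1.19.0-beta.2", "view_only_users": 1},
    {"host": "console-e", "protect_version": "", "view_only_users": 3},
]

def triage(inventory):
    """Return (host, status, view_only_users) for every console not fixed."""
    flagged = []
    for row in inventory:
        status = classify(row["protect_version"])
        if status != "fixed":
            flagged.append((row["host"], status, row.get("view_only_users", 0)))
    # Affected before unknown, then most view-only accounts first.
    flagged.sort(key=lambda r: (r[1] != "affected", -r[2], r[0]))
    return flagged

if __name__ == "__main__":
    for host, status, viewers in triage(SAMPLE_INVENTORY):
        print(f"{host}: {status} (view-only accounts: {viewers})")
```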

Tech researcher & communications specialist
Mirza has an educational background in Global Communications and has worked in advertising, marketing, journalism and television over the years while living in several different countries. He is now working to consolidate news and outreach at VPNoverview.com, while in his free time he likes to work on documentary projects, read about sociology and write about world events.