CVE-2023-35085

Published: Aug 10, 2023Modified: Nov 21, 2024

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.

Affected (2)

Products: Ui: Unifi Uap Firmware, Unifi Switch Firmware

2 products

Unifi Uap Firmware

Unifi Switch Firmware

Configuration A

1 vulnerable · 18 platform

Vulnerable Software	Affected Versions
Ui Unifi Uap Firmware	Up to 6.5.50

Running on/with	Platform Versions
Ui U6+	All versions
Ui U6 Enterprise	All versions
Ui U6 Enterprise Iw	All versions
Ui U6 Extender	All versions
Ui U6 Iw	All versions
Ui U6 Lite	All versions
Ui U6 Lr	All versions
Ui U6 Mesh	All versions
Ui U6 Pro	All versions
Ui Uap Ac Iw	All versions
Ui Uap Ac Lite	All versions
Ui Uap Ac Lr	All versions
Ui Uap Ac M	All versions
Ui Uap Ac M Pro	All versions
Ui Uap Ac Pro	All versions
Ui Ubb	All versions
Ui Ubb Xg	All versions
Ui Uwb Xg	All versions

Configuration B

1 vulnerable · 27 platform

Vulnerable Software	Affected Versions
Ui Unifi Switch Firmware	Up to 6.5.32

Running on/with	Platform Versions
Ui Us 16 150w	All versions
Ui Us 24 250w	All versions
Ui Us 48 500w	All versions
Ui Us 8 150w	All versions
Ui Us 8 60w	All versions
Ui Us Xg 6poe	All versions
Ui Usw 16 Poe	All versions
Ui Usw 24	All versions
Ui Usw 24 Poe	All versions
Ui Usw 48	All versions
Ui Usw 48 Poe	All versions
Ui Usw Aggregation	All versions
Ui Usw Enterprise 24 Poe	All versions
Ui Usw Enterprise 48 Poe	All versions
Ui Usw Enterprise 8 Poe	All versions
Ui Usw Enterprisexg 24	All versions
Ui Usw Flex	All versions
Ui Usw Flex Xg	All versions
Ui Usw Industrial	All versions
Ui Usw Lite 16 Poe	All versions
Ui Usw Lite 8 Poe	All versions
Ui Usw Mission Critical	All versions
Ui Usw Pro 24	All versions
Ui Usw Pro 24 Poe	All versions
Ui Usw Pro 48	All versions
Ui Usw Pro 48 Poe	All versions
Ui Usw Pro Aggregation	All versions

Related CWEs

CWE-190

Integer Overflow or Wraparound

The product performs a calculation that can produce an integer overflow or wraparound when the logic assumes that the resulting value will always be larger than the original value. This occurs when an integer value is incremented to a value that is too large to store in the associated representation. When this occurs, the value may become a very small or negative number.

References (2)

https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56

Source: support@hackerone.com

Issue TrackingVendor Advisory

https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingVendor Advisory

Timeline

No history available yet.