CVE-2025-23123 (CVSS 10): Critical UniFi Protect Cameras Flaw Demands Immediate Updates - #CVE-2025-23123
Ubiquiti has released a critical security advisory for its UniFi Protect ecosystem, highlighting two significant vulnerabilities. The first, CVE-2025-23123, is a severe remote code execution flaw with a CVSS score of 10.0, affecting UniFi Protect Camera firmware versions 4.75.43 and earlier. This heap buffer overflow vulnerability could allow attackers to execute arbitrary code, potentially compromising the entire camera system. The second vulnerability, CVE-2025-23164, impacts the UniFi Protect Application (version 5.3.41 and earlier) due to a misconfigured access token mechanism. To mitigate these risks, users are strongly advised to update their camera firmware to version 4.75.62 or later, and the UniFi Protect Application to version 5.3.45 or later. These updates are crucial for maintaining the security and integrity of surveillance systems and preventing unauthorized access to video feeds.