Unifi Security Advisory bulletin 039
https://community.ui.com/releases/Security-Advisory-bulletin-039-039/44e24007-2c2c-4ac0-bebf-3f19b9b24f09
Overview
Published: April 18, 2024
Version: 1.0
Revision: 1.0
Summary 1 of 3
An Improper Access Control could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system.
Affected Products:
UniFi Connect EV Station (Version 1.1.18 and earlier)
UniFi Connect EV Station Pro (Version 1.1.18 and earlier)
UniFi Access G2 Reader Pro (Version 1.2.172 and earlier)
UniFi Access Reader Pro (Version 2.7.238 and earlier)
UniFi Access Intercom (Version 1.0.66 and earlier)
UniFi Access Intercom Viewer (Version 1.0.5 and earlier)
UniFi Connect Display (Version 1.9.324 and earlier)
UniFi Connect Display Cast (Version 1.6.225 and earlier)
Mitigation:
Update UniFi Connect Application to Version 3.10.7 or later.
Update UniFi Connect EV Station to Version 1.2.15 or later.
Update UniFi Connect EV Station Pro to Version 1.2.15 or later.
Update UniFi Access G2 Reader Pro Version 1.3.37 or later.
Update UniFi Access Reader Pro Version 2.8.19 or later.
Update UniFi Access Intercom Version 1.1.32 or later.
Update UniFi Access Intercom Viewer Version 1.1.6 or later.
Update UniFi Connect Display to Version 1.11.348 or later.
Update UniFi Connect Display Cast to Version 1.8.255 or later.
Impact:
CVSS v3.0 Severity and Metrics:
Base Score: 2.2 Low
Vector:
CVSS: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
CVE: CVE-2024-29206 (Synacktiv and Sina Kheirkhah at Zero Day Initiative - Pwn2Own Automotive 2024 Tokyo)
Summary 2 of 3
An Improper Certificate Validation could allow a malicious actor with access to an adjacent network to take control of the system.
Affected Products:
UniFi Connect Application (Version 3.7.9 and earlier)
UniFi Connect EV Station (Version 1.1.18 and earlier)
UniFi Connect EV Station Pro (Version 1.1.18 and earlier)
UniFi Connect Display (Version 1.9.324 and earlier)
UniFi Connect Display Cast (Version 1.6.225 and earlier)
Mitigation:
Update UniFi Connect Application to Version 3.10.7 or later.
Update UniFi Connect EV Station to Version 1.2.15 or later.
Update UniFi Connect EV Station Pro to Version 1.2.15 or later.
Update UniFi Connect Display to Version 1.11.348 or later.
Update UniFi Connect Display Cast to Version 1.8.255 or later.
Impact:
CVSS v3.0 Severity and Metrics:
Base Score: 7.5 High
Vector:
CVSS: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
CVE: CVE-2024-29207 (Synacktiv at Zero Day Initiative - Pwn2Own Automotive 2024 Tokyo)
Summary 3 of 3
An Unverified Password Change could allow a malicious actor with API access to the device to change the system password without knowing the previous password.
Affected Products:
UniFi Connect EV Station (Version 1.1.18 and earlier)
UniFi Connect EV Station Pro (Version 1.1.18 and earlier)
UniFi Connect Display (Version 1.9.324 and earlier)
UniFi Connect Display Cast (Version 1.6.225 and earlier)
Mitigation:
Update UniFi Connect Application to Version 3.10.7 or later.
Update UniFi Connect EV Station to Version 1.2.15 or later.
Update UniFi Connect EV Station Pro to Version 1.2.15 or later.
Update UniFi Connect Display to Version 1.11.348 or later.
Update UniFi Connect Display Cast to Version 1.8.255 or later.
Impact:
CVSS v3.0 Severity and Metrics:
Base Score: 2.2 Low
Vector:
CVSS: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:N
CVE: CVE-2024-29208 (Synacktiv at Zero Day Initiative - Pwn2Own Automotive 2024 Tokyo )
Reference Links:
https://community.ui.com/releases/UniFi-Access-Reader-Pro-2-8-19/7d948ac6-72b7-4679-bf35-f1f1356735e1
https://community.ui.com/releases/UniFi-Access-Reader-G2-Pro-1-3-37/4fcd1542-2b5d-4fd0-ab3e-f02fdc89d81b
https://community.ui.com/releases/UniFi-Access-Intercom-1-1-32/1aae771e-2bf1-427f-ad19-8f2dfbf15b1c
https://community.ui.com/releases/UniFi-Access-Intercom-Viewer-1-1-6/85166e3d-4d38-4326-bc23-dc35a1c55bc0
https://community.ui.com/releases/UniFi-Connect-Application-3-10-7/7e184b44-4d0f-421b-8105-8dbf5afa9604