CVE-2024-45205
📋 TL;DR
The UniFi iOS app (versions 10.17.7 and earlier) fails to properly validate certificates when managing standalone UniFi Access Points, allowing attackers on adjacent networks to take control of those access points. This affects users who manage UniFi Access Points directly from the iOS app without using the UniFi Network Application.
💻 Affected Systems
- UniFi iOS App
⚠️ Manual Verification Required
This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.
Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).
🔒 Custom verification scripts are available for registered users. Sign up free to download automated test scripts.
- Review the CVE details at NVD
- Check vendor security advisories for your specific version
- Test if the vulnerability is exploitable in your environment
- Consider updating to the latest version as a precaution
⚠️ Risk & Real-World Impact
Worst Case
An attacker gains full administrative control over the UniFi Access Point, enabling them to reconfigure network settings, intercept traffic, deploy malware, or use the device as a pivot point into the internal network.
Likely Case
An attacker on the same local network segment (coffee shop, hotel, office) intercepts management traffic and gains control of the access point, potentially disrupting service or monitoring user traffic.
If Mitigated
With proper network segmentation and updated software, the attack surface is limited to trusted management networks only.
🎯 Exploit Status
Requires attacker to be on adjacent network and intercept/man-in-the-middle the management communication between app and access point.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: 10.18.0 or later
Vendor Advisory: https://community.ui.com/releases/UniFi-iOS-10-18-0/42f02428-544c-4626-b5b3-5ae40308edc7
Restart Required: No
Instructions:
1. Open the App Store on your iOS device. 2. Search for 'UniFi'. 3. Tap 'Update' next to the UniFi app. 4. Launch the updated app (10.18.0+).
🔧 Temporary Workarounds
Use UniFi Network Application
allManage UniFi Access Points through the UniFi Network Application instead of the standalone iOS app configuration.
Network Segmentation
allIsolate management traffic to a dedicated VLAN separate from user/client networks.
🧯 If You Can't Patch
- Discontinue using the iOS app for standalone access point management
- Physically isolate access points from untrusted networks and devices
🔍 How to Verify
Check if Vulnerable:
Check the UniFi iOS app version in Settings > About within the app. If version is 10.17.7 or earlier, you are vulnerable.Check Version:
Open UniFi iOS app → Settings → About → VersionVerify Fix Applied:
Confirm the app version is 10.18.0 or later in Settings > About.📡 Detection & Monitoring
Log Indicators:
- Unusual configuration changes to UniFi Access Points
- Authentication attempts from unexpected network segments
Network Indicators:
- Unencrypted or improperly authenticated management traffic to UniFi Access Points on port 8080/tcp
SIEM Query:
source="unifi-access-point" AND (event_type="configuration_change" OR auth_failure=true)