CVE-2025-23123

10.0 CRITICAL

📋 TL;DR

A heap buffer overflow vulnerability in UniFi Protect Camera firmware allows remote code execution. Attackers with access to the management network can exploit this to take full control of affected cameras. This affects UniFi Protect Cameras running firmware version 4.75.43 and earlier.

💻 Affected Systems

Products:
  • UniFi Protect Cameras
Versions: 4.75.43 and earlier
Operating Systems: Embedded camera firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable. Requires access to management network interface.

⚠️ Manual Verification Required

This CVE does not have specific version information in our database, so automatic vulnerability detection cannot determine if your system is affected.

Why? The CVE database entry doesn't specify which versions are vulnerable (no version ranges provided by the vendor/NVD).

Recommended Actions:
  1. Review the CVE details at NVD
  2. Check vendor security advisories for your specific version
  3. Test if the vulnerability is exploitable in your environment
  4. Consider updating to the latest version as a precaution

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of camera systems leading to persistent access, data exfiltration, lateral movement to other network devices, and potential use as pivot points for broader network attacks.

🟠 Likely Case

Camera compromise allowing video stream interception, disabling of security monitoring, and establishment of foothold for further network reconnaissance.

🟢 If Mitigated

Limited impact if cameras are isolated on separate VLANs with strict network segmentation and access controls.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: HIGH

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ✅ No
Complexity: MEDIUM

Exploitation requires network access to management interface. Heap buffer overflow exploitation typically requires specific knowledge of memory layout.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 4.75.44 or later

Vendor Advisory: https://community.ui.com/releases/Security-Advisory-Bulletin-047-047/cef86c37-7421-44fd-b251-84e76475a5bc

Restart Required: Yes

Instructions:

  1. Log into UniFi Protect web interface.
  2. Navigate to Settings > System > Updates.
  3. Check for available firmware updates.
  4. Apply update to version 4.75.44 or later.
  5. Cameras will automatically restart after update.

🔧 Temporary Workarounds

Network Segmentation

all

Isolate camera management network from other critical networks

Access Control Lists

all

Restrict management network access to authorized IP addresses only

🧯 If You Can't Patch

  • Segment camera management network completely from other systems
  • Implement strict firewall rules to limit access to camera management interfaces

🔍 How to Verify

Check if Vulnerable:

Check camera firmware version in UniFi Protect web interface under Settings > Cameras > [Camera Name] > Info

Check Version:

No CLI command - use UniFi Protect web interface

Verify Fix Applied:

Confirm firmware version is 4.75.44 or later in camera information panel

📡 Detection & Monitoring

Log Indicators:

  • Unusual network connections to camera management ports
  • Multiple failed connection attempts followed by successful connection
  • Unexpected firmware modification attempts

Network Indicators:

  • Unusual traffic patterns to camera management ports (default 7443)
  • Outbound connections from cameras to unexpected destinations
  • Port scanning activity targeting camera management interfaces

SIEM Query:

source_ip IN (camera_management_ips) AND (port=7443 OR port=443) AND (bytes_sent > threshold OR connection_count > normal_baseline)
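
The SIEM query above, written as a runnable filter over flow records. This is an added example, not code from the vendor advisory or from this page's source. The field names follow the query; the camera subnet, both thresholds and the sample flows are constructed assumptions to replace with your own baseline.

```python
import ipaddress
from collections import Counter

# Assumed values: none of these come from the advisory, tune them per site.
CAMERA_MGMT_NETS = [ipaddress.ip_network("10.20.30.0/24")]  # constructed range
WATCHED_PORTS = {7443, 443}      # ports named in the query above
BYTES_THRESHOLD = 5_000_000      # assumed per-flow byte ceiling
CONN_BASELINE = 3                # assumed max flows per source per window

# Constructed flow records for one aggregation window (not real telemetry).
SAMPLE_FLOWS = [
    {"source_ip": "10.20.30.11", "dest_ip": "10.20.30.1", "port": 7443, "bytes_sent": 120_000},
    {"source_ip": "10.20.30.12", "dest_ip": "203.0.113.9", "port": 443, "bytes_sent": 48_000_000},
    {"source_ip": "10.20.30.12", "dest_ip": "10.20.30.1", "port": 22, "bytes_sent": 90_000_000},
    {"source_ip": "192.168.1.50", "dest_ip": "10.20.30.1", "port": 7443, "bytes_sent": 70_000_000},
] + [
    {"source_ip": "10.20.30.13", "dest_ip": "203.0.113.7", "port": 7443, "bytes_sent": 900}
    for _ in range(4)  # four short flows from one camera in the window
]


def is_camera(ip):
    """True when ip falls inside a configured camera management network."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in CAMERA_MGMT_NETS)


def evaluate(flows):
    """Return {source_ip: [reasons]} for flows that satisfy the query."""
    # source_ip IN (camera_management_ips) AND (port=7443 OR port=443)
    scoped = [f for f in flows
              if is_camera(f["source_ip"]) and f["port"] in WATCHED_PORTS]
    counts = Counter(f["source_ip"] for f in scoped)
    alerts = {}
    for f in scoped:
        reasons = alerts.setdefault(f["source_ip"], set())
        if f["bytes_sent"] > BYTES_THRESHOLD:
            reasons.add("bytes_sent>threshold")
        if counts[f["source_ip"]] > CONN_BASELINE:
            reasons.add("connection_count>baseline")
    # Drop sources that were in scope but tripped neither condition.
    return {ip: sorted(r) for ip, r in alerts.items() if r}


if __name__ == "__main__":
    for ip, reasons in evaluate(SAMPLE_FLOWS).items():
        print(ip, ", ".join(reasons))
```

The port 22 flow and the flow from 192.168.1.50 are ignored because they fall outside the query's port and source scope, which shows how narrow the query is on its own.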
