CVE-2026-21634 – An attacker on the same network can crash the U... (How to Fix)

Q: What is the severity of CVE-2026-21634?

CVE-2026-21634 has a CVSS score of 6.5 (MEDIUM). An attacker on the same network can crash the UniFi Protect Application by sending specially crafted discovery protocol packets. This affects all UniFi Protect Application installations running version 6.1.79 or earlier.

📋 TL;DR

An attacker on the same network can crash the UniFi Protect Application by sending specially crafted discovery protocol packets. This affects all UniFi Protect Application installations running version 6.1.79 or earlier.

💻 Affected Systems

Products:

UniFi Protect Application

Versions: 6.1.79 and earlier

Operating Systems: All platforms running UniFi Protect

Default Config Vulnerable: ⚠️ Yes

Notes: All installations with affected versions are vulnerable regardless of configuration.

📦 What is this software?

Unifi Protect by Ui

View all CVEs affecting Unifi Protect →

⚠️ Risk & Real-World Impact

🔴

Worst Case

Persistent denial of service preventing camera monitoring and recording, potentially creating security blind spots.

🟠

Likely Case

Temporary service disruption requiring manual restart, causing gaps in surveillance coverage.

🟢

If Mitigated

No impact if patched to version 6.2.72 or later.

🌐 Internet-Facing: LOW - Requires adjacent network access, not directly internet exploitable.

🏢 Internal Only: MEDIUM - Attackers on the same network segment can cause service disruption.

🎯 Exploit Status

Public PoC: ✅ No

Weaponized: UNKNOWN

Unauthenticated Exploit: ⚠️ Yes

Complexity: LOW

Exploitation requires network access but no authentication.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: 6.2.72 or later

Vendor Advisory: https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9

Restart Required: Yes

Instructions:

1. Backup current configuration
2. Download UniFi Protect Application version 6.2.72 or later from UI.com
3. Install the update following vendor instructions
4. Restart the UniFi Protect service

🔧 Temporary Workarounds

Network Segmentation

all

Isolate UniFi Protect Application on separate VLAN to limit adjacent network access

🧯 If You Can't Patch

Segment UniFi Protect network from untrusted devices
Implement network monitoring for unusual discovery protocol traffic

🔍 How to Verify

Check if Vulnerable:

Check UniFi Protect Application version in web interface or via SSH: show version

Check Version:

ssh admin@unifi-protect-host 'show version' or check web interface

Verify Fix Applied:

Confirm version is 6.2.72 or later and service remains stable during normal operation

📡 Detection & Monitoring

Log Indicators:

UniFi Protect service restart logs
Discovery protocol error messages
Unexpected process termination

Network Indicators:

Unusual UDP traffic on discovery protocol ports
Repeated service restart patterns

SIEM Query:

source="unifi-protect" AND (event="service_restart" OR event="crash")

📊 Metadata

CVE ID: CVE-2026-21634

CVSS v3 Score: 6.5 (MEDIUM)

CVSS Vector: CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

CWE: CWE-119

EPSS Score: 0.02% exploit probability (4.8th percentile)

Published: January 5, 2026

Last Updated: January 30, 2026

🔗 References

https://community.ui.com/releases/Security-Advisory-Bulletin-058-058/6922ff20-8cd7-4724-8d8c-676458a2d0f9 Vendor Advisory

📤 Share & Export

📄 Export Markdown 📋 Export JSON

🔗 Related Vulnerabilities

If you're affected by CVE-2026-21634, you might also want to check these: