CVE-2025-23091

Medium CVSS: 5.9

An Improper Certificate Validation on UniFi OS devices, with Identity Enterprise configured, could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.

Vendor

Product

CWE

CWE-295

Yayın Tarihi

2025-02-01 07:15:08

Güncelleme

2025-03-13 13:15:57

Source Identifier

support@hackerone.com

KEV Date Added

Kategoriler

CWE-295 MEDIUM 2025

Referanslar

https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf