PT-2020-19992 · Ubiquiti · Unifi Cloud Key

Published

2020-05-02

Updated

2020-05-07

CVE-2020-8157

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions Ubiquiti UniFi Cloud Key firmware versions prior to 1.1.11 for Cloud Key gen2 and Cloud Key gen2 Plus

Description The issue allows unrestricted root access through the serial interface (UART).

Recommendations For versions prior to 1.1.11, update the firmware to version 1.1.11 or later to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2020-8157

Affected Products

Unifi Cloud Key

PT-2020-19992 · Ubiquiti · Unifi Cloud Key

CVE-2020-8157

Weakness Enumeration

Related Identifiers

Affected Products

References · 4