CVE-2023-35085: Integer Overflow
First published: Thu Aug 10 2023(Updated: )
An integer overflow vulnerability in all UniFi Access Points and Switches, excluding the Switch Flex Mini, with SNMP Monitoring and default settings enabled could allow a Remote Code Execution (RCE). Affected Products: All UniFi Access Points (Version 6.5.50 and earlier) All UniFi Switches (Version 6.5.32 and earlier) -USW Flex Mini excluded. Mitigation: Update UniFi Access Points to Version 6.5.62 or later. Update the UniFi Switches to Version 6.5.59 or later.
Credit: support@hackerone.com support@hackerone.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ui Unifi Uap Firmware | <=6.5.50 | |
| Ui U6\+ | ||
| Ui U6-enterprise | ||
| Ui U6-enterprise-iw | ||
| Ui U6-extender | ||
| Ui U6-iw | ||
| Ui U6-lite | ||
| Ui U6-lr | ||
| Ui U6-mesh | ||
| Ui U6-pro | ||
| Ui Uap-ac-iw | ||
| Ui Uap-ac-lite | ||
| Ui Uap-ac-lr | ||
| Ui Uap-ac-m | ||
| Ui Uap-ac-m-pro | ||
| Ui Uap-ac-pro | ||
| Ui Ubb | ||
| Ui Ubb-xg | ||
| Ui Uwb-xg | ||
| Ui Unifi Switch Firmware | <=6.5.32 | |
| Ui Us-16-150w | ||
| Ui Us-24-250w | ||
| Ui Us-48-500w | ||
| Ui Us-8-150w | ||
| Ui Us-8-60w | ||
| Ui Us-xg-6poe | ||
| Ui Usw-16-poe | ||
| Ui Usw-24 | ||
| Ui Usw-24-poe | ||
| Ui Usw-48 | ||
| Ui Usw-48-poe | ||
| Ui Usw-aggregation | ||
| Ui Usw-enterprise-24-poe | ||
| Ui Usw-enterprise-48-poe | ||
| Ui Usw-enterprise-8-poe | ||
| Ui Usw-enterprisexg-24 | ||
| Ui Usw-flex | ||
| Ui Usw-flex-xg | ||
| Ui Usw-industrial | ||
| Ui Usw-lite-16-poe | ||
| Ui Usw-lite-8-poe | ||
| Ui Usw-mission-critical | ||
| Ui Usw-pro-24 | ||
| Ui Usw-pro-24-poe | ||
| Ui Usw-pro-48 | ||
| Ui Usw-pro-48-poe | ||
| Ui Usw-pro-aggregation |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this UniFi Access Points and Switches vulnerability?
The vulnerability ID is CVE-2023-35085.
What is the severity level of CVE-2023-35085?
The severity level of CVE-2023-35085 is critical with a severity value of 9.8.
Which products are affected by CVE-2023-35085?
All UniFi Access Points (Version 6.5.50 and earlier) and All UniFi Switches (Version 6.5.32 and earlier) are affected by CVE-2023-35085.
How can the CVE-2023-35085 vulnerability be exploited?
The CVE-2023-35085 vulnerability can be exploited through a Remote Code Execution (RCE) if SNMP Monitoring and default settings are enabled.
Where can I find more information about CVE-2023-35085?
You can find more information about CVE-2023-35085 in the [Security Advisory Bulletin](https://community.ui.com/releases/Security-Advisory-Bulletin-035-035/91107858-9884-44df-b1c6-63c6499f6e56).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/weakness
- agent/severity
- agent/author
- agent/type
- agent/event
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/ui
- canonical/ui unifi uap firmware
- version/ui unifi uap firmware/6.5.50
- canonical/ui u6\+
- canonical/ui u6-enterprise
- canonical/ui u6-enterprise-iw
- canonical/ui u6-extender
- canonical/ui u6-iw
- canonical/ui u6-lite
- canonical/ui u6-lr
- canonical/ui u6-mesh
- canonical/ui u6-pro
- canonical/ui uap-ac-iw
- canonical/ui uap-ac-lite
- canonical/ui uap-ac-lr
- canonical/ui uap-ac-m
- canonical/ui uap-ac-m-pro
- canonical/ui uap-ac-pro
- canonical/ui ubb
- canonical/ui ubb-xg
- canonical/ui uwb-xg
- canonical/ui unifi switch firmware
- version/ui unifi switch firmware/6.5.32
- canonical/ui us-16-150w
- canonical/ui us-24-250w
- canonical/ui us-48-500w
- canonical/ui us-8-150w
- canonical/ui us-8-60w
- canonical/ui us-xg-6poe
- canonical/ui usw-16-poe
- canonical/ui usw-24
- canonical/ui usw-24-poe
- canonical/ui usw-48
- canonical/ui usw-48-poe
- canonical/ui usw-aggregation
- canonical/ui usw-enterprise-24-poe
- canonical/ui usw-enterprise-48-poe
- canonical/ui usw-enterprise-8-poe
- canonical/ui usw-enterprisexg-24
- canonical/ui usw-flex
- canonical/ui usw-flex-xg
- canonical/ui usw-industrial
- canonical/ui usw-lite-16-poe
- canonical/ui usw-lite-8-poe
- canonical/ui usw-mission-critical
- canonical/ui usw-pro-24
- canonical/ui usw-pro-24-poe
- canonical/ui usw-pro-48
- canonical/ui usw-pro-48-poe
- canonical/ui usw-pro-aggregation