{"id":280735,"date":"2026-06-24T10:35:00","date_gmt":"2026-06-24T14:35:00","guid":{"rendered":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/"},"modified":"2026-06-24T14:25:11","modified_gmt":"2026-06-24T18:25:11","slug":"cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks","status":"publish","type":"post","link":"https:\/\/news-you-need.com\/index.php\/2026\/06\/24\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/","title":{"rendered":"CISA warns of max severity Ubiquiti flaws exploited in attacks"},"content":{"rendered":"<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/\">CISA warns of max severity Ubiquiti flaws exploited in attacks<\/a><\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/\">https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/<\/a><\/p>\n<p>Publish Date: <a href=\"publish_date]\">2026-06-24 10:35:00<\/a><\/p>\n<p>Source Domain: <a href=\"www.bleepingcomputer.com\">www.bleepingcomputer.com<\/a><\/p>\n<p style=\"text-align:center\">\n<p>The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of hackers actively exploiting\u00a0flaws in\u00a0Ubiquity UniFi OS and\u00a0Lantronix serial-to-ethernet\u00a0servers.<\/p>\n<p>According to the BOD 26-04 directive, federal agencies have three days to apply available security updates or vendor-recommended mitigations.<\/p>\n<p>\u00a0<\/p>\n<p> <img decoding=\"async\" src=\"https:\/\/www.bleepstatic.com\/c\/w\/mcp-playbook-970.jpg\" alt=\"image\" style=\"margin-top: 0px;\"\/><\/p>\n<p>The Ubiquiti flaws that CISA added to its catalog of Known Exploited Vulnerabilities are:<\/p>\n<ul>\n<li><strong>CVE-2026-34908<\/strong>: an access control bypass flaw that allows an unauthenticated attacker to make unauthorized changes to a UniFi OS system, potentially leading to full system compromise.<\/li>\n<li><strong>CVE-2026-34909<\/strong>: a directory\/path traversal vulnerability that allows an attacker to access sensitive files on the underlying operating system, potentially exposing configuration files, credentials, and other sensitive data that could facilitate account takeover.<\/li>\n<li><strong>CVE-2026-34910<\/strong>: an improper input validation flaw that enables an attacker to inject and execute arbitrary operating system commands, potentially leading to remote code execution and complete system takeover.<\/li>\n<\/ul>\n<p>Ubiquiti released security updates for the three vulnerabilities\u00a0in May, warning that they could\u00a0be exploited remotely without privileges.<\/p>\n<p>Researchers at Bishop Fox later demonstrated that the three flaws could\u00a0be chained to achieve full remote code execution with elevated privileges on vulnerable UniFi OS devices.<\/p>\n<p>Bishop Fox has also released a free detection script on GitHub to help defenders discover vulnerable instances in their environment.<\/p>\n<p>The security issue exploited in Lantronix servers is tracked as\u00a0CVE-2025-67038, and is a critical-severity root-level command injection affecting model\u00a0EDS5000 running firmware 2.1.0.0R3.<\/p>\n<p>The vulnerability exists in the HTTP RPC module, which executes a shell command to log failed authentication attempts.<\/p>\n<p>The supplied username is concatenated directly into the shell command without proper sanitization, allowing an attacker to&#8230;<\/p>\n<p><a href=\"https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/\">Source<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>CISA warns of max severity Ubiquiti flaws exploited in attacks https:\/\/www.bleepingcomputer.com\/news\/security\/cisa-warns-of-max-severity-ubiquiti-flaws-exploited-in-attacks\/ Publish Date: 2026-06-24 10:35:00&#8230;<\/p>\n","protected":false},"author":1,"featured_media":280737,"comment_status":"closed","ping_status":"","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/www.bleepstatic.com\/content\/hl-images\/2025\/01\/13\/CISA--headpic.jpg","fifu_image_alt":"","footnotes":""},"categories":[15],"tags":[24,27],"class_list":["post-280735","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-cybersecurity","tag-cybersecurity","tag-vulnerability"],"_links":{"self":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280735"}],"collection":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/comments?post=280735"}],"version-history":[{"count":1,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280735\/revisions"}],"predecessor-version":[{"id":280738,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/posts\/280735\/revisions\/280738"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media\/280737"}],"wp:attachment":[{"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/media?parent=280735"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/categories?post=280735"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/news-you-need.com\/index.php\/wp-json\/wp\/v2\/tags?post=280735"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}