CVE-2024-45205 Information

Description

An Improper Certificate Validation on the UniFi iOS App managing a standalone UniFi Access Point (not using UniFi Network Application) could allow a malicious actor with access to an adjacent network to take control of this UniFi Access Point.

Affected Products: UniFi iOS App (Version 10.17.7 and earlier)

Mitigation: UniFi iOS App (Version 10.18.0 or later).

Reference

https://community.ui.com/releases/UniFi-iOS-10-18-0/42f02428-544c-4626-b5b3-5ae40308edc7