CVE-2025-23091 Information

Description

An Improper Certificate Validation on UniFi OS devices with Identity Enterprise configured could allow a malicious actor to execute a man-in-the-middle (MitM) attack during application update.

Reference

https://community.ui.com/releases/Security-Advisory-Bulletin-045-045/6011bc61-f2eb-457f-b71d-755703817aaf