What vulnerabilities have been discovered in Ubiquiti UniFi OS?

Critical vulnerabilities allowing unauthorized access to devices and networks have been identified. CISA has confirmed their active exploitation in attacks.

Which devices are affected?

Ubiquiti UniFi OS and Lantronix serial-to-Ethernet servers are impacted. Both are widely used in enterprise networks.

How can organizations protect against these attacks?

Immediately install the latest security updates released by the vendors. CISA recommends disconnecting vulnerable devices from the network until patches are applied.

← All news

Security

CISA Warns of Actively Exploited Critical Ubiquiti Vulnerabilities

June 25, 2026

Photo: ui.com

Quick answer

CISA warns of critical vulnerabilities in Ubiquiti UniFi OS and Lantronix devices, already exploited by hackers to gain unauthorized network access.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an emergency warning about critical vulnerabilities in Ubiquiti and Lantronix equipment. According to the report, threat actors are already actively exploiting these flaws to launch attacks on corporate networks.

The vulnerabilities affect two types of devices: Ubiquiti's UniFi OS, used for managing network solutions, and Lantronix servers, which provide serial-to-Ethernet conversion. These flaws enable attackers to gain full control over the devices, opening avenues for further attacks on the company's infrastructure.

CISA has added these vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog and strongly urges administrators to apply security patches immediately. The agency emphasized that failing to update promptly could lead to severe consequences, including data leaks and full network compromise.

Vendors have already released patches to address the vulnerabilities. Experts advise disconnecting vulnerable devices from the network until updates are installed if immediate patching is not feasible. Special attention should be given to monitoring network traffic for suspicious activity.

Common questions

What vulnerabilities have been discovered in Ubiquiti UniFi OS?: Critical vulnerabilities allowing unauthorized access to devices and networks have been identified. CISA has confirmed their active exploitation in attacks.
Which devices are affected?: Ubiquiti UniFi OS and Lantronix serial-to-Ethernet servers are impacted. Both are widely used in enterprise networks.
How can organizations protect against these attacks?: Immediately install the latest security updates released by the vendors. CISA recommends disconnecting vulnerable devices from the network until patches are applied.

Dzen feed: /feed/dzen.xml · RSS: /feed.xml