CVE-2025-23115
Published: 01 March 2025
Summary
CVE-2025-23115 is a critical-severity Use After Free (CWE-416) vulnerability in Ui (inferred from references). Its CVSS base score is 9.0 (Critical).
Operationally, ranked in the top 12.3% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.
Deeper analysis
A Use After Free vulnerability tracked as CVE-2025-23115 affects UniFi Protect Cameras and is identified under CWE-416. The flaw permits remote code execution when an attacker reaches the cameras' management network, carrying a CVSS 3.0 base score of 9.0 that reflects a network attack vector, high complexity, no required privileges or user interaction, and changed scope with high impact on confidentiality, integrity, and availability.
An attacker positioned on the management network can trigger the use-after-free condition to achieve remote code execution on affected cameras. The published description limits the required access to the management network and does not indicate that unauthenticated or internet-facing exploitation is possible without that network reach.
The referenced Ubiquiti Security Advisory Bulletin 046 provides official guidance on mitigation and should be consulted for available patches or configuration changes that address the vulnerability in UniFi Protect Cameras. The associated EPSS score remains low, with a current value of 0.0343 and a peak of 0.0352.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-5916
Vulnerability details
A Use After Free vulnerability on UniFi Protect Cameras could allow a Remote Code Execution (RCE) by a malicious actor with access to UniFi Protect Cameras management network.
- CWE(s)
Related Threats
No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.
Affected Assets
Mitigating Controls
Likely Mitigating Controls AI
Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.
Use-after-free exploits that achieve arbitrary code execution are blocked or significantly hardened by non-executable pages and ASLR.