Monitor vulnerabilities like this one.
Sign up free to get alerted when software you use is affected.
9.1
CVE-2026-54400: UniFi Access App: Malicious access can lead to host takeover
CVE-2026-54400
CVE-2026-54400
Summary
The UniFi Access Application has a security weakness that could allow an attacker with high privileges to take control of the host device. This is a serious concern because it could lead to unauthorized access and data theft. To protect your network, ensure you have the latest UniFi software updates installed and follow best practices for access control.
What to do
No fix is available yet. Check with your software vendor for updates.
Affected software
| Vendor | Product | Affected versions |
|---|---|---|
| ubiquiti inc | unifi access application | < 4.2.29 |
Original title
A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device.
Original description
A malicious actor with access to the network and high privileges could exploit an Improper Access Control vulnerability found in UniFi Access Application to escalate privileges on the host device.
nvd CVSS3.1
9.1
Vulnerability type
CWE-284
Improper Access Control
Published: 2 Jul 2026 · Updated: 3 Jul 2026 · First seen: 2 Jul 2026