Security Advisory Bulletin 004

by Ubiquiti Employee Wednesday - last edited Wednesday

Updated: May 15th, 2019

First Published: May 15th, 2019

Version: 1.0

Revision: 1.0




We have recently released new versions of the UAP, UAP-AC, USW and USG firmware and of the UniFi Network Controller that fix vulnerabilities present in firmware 4.0.5, 3.8.16 and 4.4.33, Controller 5.10.11, and all prior versions, as described below:


Communication between the devices and the controller was encrypted with AES-CBC, which provides confidentiality but no integrity protection, so the ciphertext is malleable. With enough of these packets a decryption key could be found that allowed a malicious actor to gain control over devices on the network.

These vulnerabilities were fixed in UniFi Controller v5.10.12 together with firmware 4.0.6 for UAP/USW and 4.4.34 for USG. For the EOL UAP-AC models the fix is in UniFi Controller 5.6.42 with firmware 3.8.17.



The firmware and controller versions listed above change the encryption of communication between Ubiquiti devices and the UniFi Network Controller from AES-CBC to AES-GCM, an authenticated encryption mode that detects any modification of the ciphertext in addition to keeping it confidential.
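The advisory does not detail the attack, so the following is an added example, not Ubiquiti's code or the UniFi inform protocol itself, that shows the general weakness of unauthenticated AES-CBC which the move to AES-GCM removes. It uses only Go's standard library; the key, the JSON-style device message, the "role" field that gets altered and the short header used as associated data are all constructed for the example. With AES-CBC and no integrity check, an attacker on the same network segment who can guess one field of a message can flip bits in the ciphertext without the key, and the receiver decrypts and accepts the altered message. With AES-GCM the same edit fails the tag check and no plaintext is released at all.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"errors"
	"fmt"
)

// Setup helpers panic: with a constructed key and the system CSPRNG they cannot fail.
func mustBlock(key []byte) cipher.Block {
	block, err := aes.NewCipher(key)
	if err != nil {
		panic(err)
	}
	return block
}

func randomBytes(n int) []byte {
	b := make([]byte, n)
	if _, err := rand.Read(b); err != nil {
		panic(err)
	}
	return b
}

// EncryptCBC is the pre-fix construction: AES-CBC with nothing that checks
// integrity. Padding is left out, so pt must be block-aligned. Output: iv || ct.
func EncryptCBC(key, pt []byte) []byte {
	iv := randomBytes(aes.BlockSize)
	ct := make([]byte, len(pt))
	cipher.NewCBCEncrypter(mustBlock(key), iv).CryptBlocks(ct, pt)
	return append(iv, ct...)
}

// DecryptCBC accepts any block-aligned input; it cannot tell a forgery from the real thing.
func DecryptCBC(key, data []byte) ([]byte, error) {
	if len(data) < 2*aes.BlockSize || len(data)%aes.BlockSize != 0 {
		return nil, errors.New("bad ciphertext length")
	}
	pt := make([]byte, len(data)-aes.BlockSize)
	cipher.NewCBCDecrypter(mustBlock(key), data[:aes.BlockSize]).CryptBlocks(pt, data[aes.BlockSize:])
	return pt, nil
}

// EncryptGCM is the post-fix construction. header travels in the clear but is
// bound to the message as associated data. Output: nonce || ct || tag.
func EncryptGCM(key, header, pt []byte) []byte {
	gcm, err := cipher.NewGCM(mustBlock(key))
	if err != nil {
		panic(err)
	}
	nonce := randomBytes(gcm.NonceSize())
	return gcm.Seal(nonce, nonce, pt, header)
}

// DecryptGCM fails closed: any change to nonce, ciphertext, tag or header yields an error, no plaintext.
func DecryptGCM(key, header, data []byte) ([]byte, error) {
	gcm, err := cipher.NewGCM(mustBlock(key))
	if err != nil {
		panic(err)
	}
	if len(data) < gcm.NonceSize()+gcm.Overhead() {
		return nil, errors.New("short ciphertext")
	}
	return gcm.Open(nil, data[:gcm.NonceSize()], data[gcm.NonceSize():], header)
}

// FlipBytes is the attacker's move, made without the key: XOR old^new into the
// bytes that mask the target plaintext. In iv||ct that is data[off], since CBC
// XORs plaintext block i with ciphertext block i-1 (block 0 is the IV; editing a
// real ciphertext block also garbles the block it decrypts to). In nonce||ct it is data[12+off].
func FlipBytes(data []byte, idx int, oldVal, newVal []byte) []byte {
	out := append([]byte(nil), data...)
	for i := range oldVal {
		out[idx+i] ^= oldVal[i] ^ newVal[i]
	}
	return out
}

// Forge protects msg both ways, applies the same edit to each, and returns the plaintext CBC accepted plus GCM's error.
func Forge(key, header, msg []byte, off int, oldVal, newVal []byte) (string, error) {
	cbcPT, err := DecryptCBC(key, FlipBytes(EncryptCBC(key, msg), off, oldVal, newVal))
	if err != nil {
		return "", err
	}
	forged := FlipBytes(EncryptGCM(key, header, msg), 12+off, oldVal, newVal) // standard 12-byte nonce
	_, gcmErr := DecryptGCM(key, header, forged)
	return string(cbcPT), gcmErr
}

func main() {
	key := []byte("0123456789abcdef0123456789abcdef") // constructed AES-256 key, not a real secret
	msg := []byte(`{"role":"user","dev":"UAP-AC-M"}`)  // constructed 32-byte message, two whole blocks
	got, gcmErr := Forge(key, []byte("hdr"), msg, 9, []byte("user"), []byte("root"))
	fmt.Println("CBC receiver accepted:", got)
	fmt.Println("GCM receiver rejected:", gcmErr)
}
```

The edited field sits in the first plaintext block, so only the IV is changed and the CBC receiver gets a clean, fully valid message with "user" replaced by "root"; targeting a later block would garble one neighbouring block, which in a real protocol the attacker would aim at a field the receiver tolerates. The GCM side shows the point of the fix: the CTR keystream makes the ciphertext just as malleable, but the tag computed over nonce, ciphertext and header no longer verifies, so Open returns an error and nothing is acted on.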

Affected Products:

UniFi Network Controller prior to 5.10.12 (excluding 5.6.42)

UniFi UAP FW prior to 4.0.6

UniFi UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17

UniFi USW FW prior to 4.0.6

UniFi USG FW prior to 4.4.34



Update the UniFi Controller to at least v5.10.12 (or v5.6.42 for deployments with EOL UAP-AC models) and update all devices to the firmware versions listed above.



CVSS v3.0 Severity and Metrics:

Base Score: 8.3 HIGH

Vector: CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H


Reference Links: