Vulnerabilities > CVE-2020-8157 - Unspecified vulnerability in UI products
Attack vector
PHYSICAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH low complexity
ui
Summary
UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface (UART).
Vulnerable Configurations
References
- https://community.ui.com/releases/Security-advisory-bulletin-008-008/5f66ca4c-10d6-4ca5-9620-37d5a4f22413
- https://community.ui.com/releases/Security-advisory-bulletin-008-008/5f66ca4c-10d6-4ca5-9620-37d5a4f22413
- https://community.ui.com/releases/UniFi-Cloud-Key-Firmware-1-1-11/a24e55e1-6d90-46d7-92e2-01539ec8c79d
- https://community.ui.com/releases/UniFi-Cloud-Key-Firmware-1-1-11/a24e55e1-6d90-46d7-92e2-01539ec8c79d