CVE-2026-56841
Ubiquiti · UniFi Protect Application
An authenticated SQL injection vulnerability in the UniFi Protect Application allows low-privileged users to escalate their privileges on the host device.
Executive summary
A critical SQL injection vulnerability in the Ubiquiti UniFi Protect Application allows low-privileged users to escalate their privileges on the host system.
Vulnerability
This is an authenticated SQL injection vulnerability that permits a user with low privileges to execute arbitrary SQL commands. By exploiting this flaw, the attacker can manipulate the application's backend database to gain elevated, potentially administrative, privileges on the host device.
Business impact
The CVSS score of 8.8 underscores the gravity of this flaw, as it grants attackers the ability to bypass intended access controls. Exploitation could lead to unauthorized control over surveillance hardware, modification of security policies, or access to sensitive recorded data, resulting in significant operational and security impacts.
Remediation
Immediate Action: Apply the vendor-provided security patches for the UniFi Protect Application to address the underlying SQL injection vulnerability.
Proactive Monitoring: Review database logs for anomalous queries or unauthorized attempts to access tables outside the user's normal scope of operation.
Compensating Controls: Reduce the attack surface by enforcing the principle of least privilege for all user accounts and employing input validation via security gateways or WAFs.
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability presents a clear risk to system integrity and must be addressed promptly. Security teams should prioritize patching the UniFi Protect Application and perform a thorough review of administrative account activity to ensure no unauthorized privilege escalation has already occurred.