Last updated: July 5, 2026 at 9:01 AM UTC
All 557 Vulnerability 199 Breach 106 Threat 245 Defense 7
Tag: unifi-os (1 article)Clear

Ubiquiti UniFi and Lantronix flaws now exploited; CISA sets June 26 deadline

CISA has confirmed active exploitation of four critical flaws in Ubiquiti UniFi OS and Lantronix EDS5000 devices, adding them to its Known Exploited Vulnerabilities catalog with a June 26 deadline for federal agencies. Three UniFi OS bugs (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910), each rated 10.0, can be chained for unauthenticated remote code execution and root; attackers were seen creating rogue admin accounts. The Lantronix flaw (CVE-2025-67038) is an unauthenticated root command injection in the EDS5000 serial console server. Ubiquiti patched UniFi OS Server in version 5.0.8, and Lantronix in firmware 2.2.0.0R1. Compromised network appliances let attackers pivot deep into internal networks.

Check
Inventory Ubiquiti UniFi OS consoles and gateways and any Lantronix EDS5000 device servers, confirm their firmware versions, and review logs for unexpected admin accounts or commands, especially on internet-reachable management interfaces.
Affected
UniFi OS devices before Server version 5.0.8 (CVE-2026-34908, CVE-2026-34909, CVE-2026-34910) and Lantronix EDS5000 on firmware 2.1.0.0R3 (CVE-2025-67038); unauthenticated attackers can reach root and pivot inward.
Fix
Update UniFi OS to 5.0.8 or later and Lantronix EDS5000 to firmware 2.2.0.0R1 before the June 26 deadline, and restrict device management interfaces to trusted networks until patched.