A vulnerability was found in UniFi Video Server up to 3.9.3 on Windows and classified as critical. This issue affects an unknown code of the component Privilege Check. The manipulation with an unknown input leads to a privileges management vulnerability. Using CWE to declare the problem leads to CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. Impacted is confidentiality, integrity, and availability. The summary by CVE is:

The UniFi Video Server (Windows) web interface configuration restore functionality at the “backup� and “wizard� endpoints does not implement sufficient privilege checks. Low privileged users, belonging to the PUBLIC_GROUP or CUSTOM_GROUP groups, can access these endpoints and overwrite the current application configuration. This can be abused for various purposes, including adding new administrative users. Affected Products: UniFi Video Controller v3.9.3 (for Windows 7/8/10 x64) and prior. Fixed in UniFi Video Controller v3.9.6 and newer.

The weakness was released 04/01/2020 (Website). The advisory is shared at community.ui.com. The identification of this vulnerability is CVE-2020-8145 since 01/28/2020. The exploitation is known to be easy. The attack may be initiated remotely. A simple authentication is needed for exploitation. Neither technical details nor an exploit are publicly available. MITRE ATT&CK project uses the attack technique T1068 for this issue.

Upgrading to version 3.9.6 eliminates this vulnerability.

Entries connected to this vulnerability are available at 152680 and 152682.

Productinfo

Name

• UniFi Video Server

Version

• 3.9.0
• 3.9.1
• 3.9.2
• 3.9.3

CPE 2.3info

• 🔍
• 🔍
• 🔍

CPE 2.2info

• 🔍
• 🔍
• 🔍

CVSSv4info

CVSSv3info

CVSSv2info

Exploitinginfo

Threat Intelligenceinfo

Countermeasuresinfo

Timelineinfo

Sourcesinfo

Entryinfo

Discussion