{"document":{"category":"csaf_vex","csaf_version":"2.0","title":"CVE-2026-55116: A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices","publisher":{"category":"vendor","name":"HarborGuard Database","namespace":"https://database.harborguard.co"},"tracking":{"id":"CVE-2026-55116","status":"final","version":"1","initial_release_date":"2026-07-02T14:50:48.820Z","current_release_date":"2026-07-02T15:51:11.890Z","revision_history":[{"date":"2026-07-02T14:50:48.820Z","number":"1","summary":"Initial machine-readable export from HarborGuard."}]},"distribution":{"tlp":{"label":"WHITE"},"text":"Public CVE data; freely redistributable."},"notes":[{"category":"description","text":"A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.","title":"CVE description"}],"references":[{"category":"self","summary":"CVE-2026-55116 on HarborGuard Database","url":"https://database.harborguard.co/cve/CVE-2026-55116"},{"category":"external","summary":"CVE Record","url":"https://www.cve.org/CVERecord?id=CVE-2026-55116"},{"category":"external","summary":"community.ui.com","url":"https://community.ui.com/releases/Security-Advisory-Bulletin-066-066/984eceb3-49c8-4227-942d-671c289b3afc"}]},"product_tree":{"branches":[{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Dream Machines","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Dream Machines <5.1.19","product_id":"CSAFPID-1","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:dream_machines:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Enterprise Fortress Gateway","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Enterprise Fortress Gateway <5.1.19","product_id":"CSAFPID-2","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:enterprise_fortress_gateway:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Dream Wall","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Dream Wall <5.1.19","product_id":"CSAFPID-3","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:dream_wall:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Dream Routers","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Dream Routers <5.1.19","product_id":"CSAFPID-4","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:dream_routers:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Express 7","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Express 7 <5.1.19","product_id":"CSAFPID-5","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:express_7:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Cloud Gateways","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Cloud Gateways <5.1.19","product_id":"CSAFPID-6","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:cloud_gateways:*:*:*:*:*:*:*:*"}}}]}]},{"category":"vendor","name":"Ubiquiti Inc","branches":[{"category":"product_name","name":"Enterprise Firewall Core","branches":[{"category":"product_version_range","name":"<5.1.19","product":{"name":"Ubiquiti Inc Enterprise Firewall Core <5.1.19","product_id":"CSAFPID-7","product_identification_helper":{"cpe":"cpe:2.3:a:ubiquiti_inc:enterprise_firewall_core:*:*:*:*:*:*:*:*"}}}]}]}]},"vulnerabilities":[{"cve":"CVE-2026-55116","title":"A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices","notes":[{"category":"description","text":"A malicious actor with access to the network and under certain network configurations could exploit an Improper Access Control vulnerability found in certain devices running UniFi OS to make unauthorized changes to such UniFi OS devices.","title":"CVE description"}],"product_status":{"known_affected":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7"]},"scores":[{"cvss_v3":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H","baseScore":9,"baseSeverity":"CRITICAL"},"products":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7"]}],"remediations":[{"category":"vendor_fix","details":"Update to a fixed version: 5.1.19.","product_ids":["CSAFPID-1","CSAFPID-2","CSAFPID-3","CSAFPID-4","CSAFPID-5","CSAFPID-6","CSAFPID-7"]}]}]}