Vulnerability Description
UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface (UART).
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ui | Unifi Cloud Key Gen2 Firmware | <= 1.1.10 |
| Ui | Unifi Cloud Key Gen2 | - |
| Ui | Unifi Cloud Key Gen2 Plus Firmware | <= 1.1.10 |
| Ui | Unifi Cloud Key Gen2 Plus | - |
Related Weaknesses (CWE)
References
- https://community.ui.com/releases/Security-advisory-bulletin-008-008/5f66ca4c-10Vendor Advisory
- https://community.ui.com/releases/UniFi-Cloud-Key-Firmware-1-1-11/a24e55e1-6d90-Vendor Advisory
- https://community.ui.com/releases/Security-advisory-bulletin-008-008/5f66ca4c-10Vendor Advisory
- https://community.ui.com/releases/UniFi-Cloud-Key-Firmware-1-1-11/a24e55e1-6d90-Vendor Advisory
FAQ
What is CVE-2020-8157?
CVE-2020-8157 is a vulnerability with a CVSS score of 6.8 (MEDIUM). UniFi Cloud Key firmware <= v1.1.10 for Cloud Key gen2 and Cloud Key gen2 Plus contains a vulnerability that allows unrestricted root access through the serial interface (UART).
How severe is CVE-2020-8157?
CVE-2020-8157 has been rated MEDIUM with a CVSS base score of 6.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2020-8157?
Check the references section above for vendor advisories and patch information. Affected products include: Ui Unifi Cloud Key Gen2 Firmware, Ui Unifi Cloud Key Gen2, Ui Unifi Cloud Key Gen2 Plus Firmware, Ui Unifi Cloud Key Gen2 Plus.