CVE-2024-29206
Severity CVSS v4.0:
Pending analysis
Type:
CWE-284
Improper Access Control
Publication date:
07/05/2024
Last modified:
15/04/2026
Description
An Improper Access Control vulnerability could allow a malicious actor authenticated in the API to enable Android Debug Bridge (ADB) and make unsupported changes to the system.

Affected Products:
UniFi Connect EV Station (Version 1.1.18 and earlier)
UniFi Connect EV Station Pro (Version 1.1.18 and earlier)
UniFi Access G2 Reader Pro (Version 1.2.172 and earlier)
UniFi Access Reader Pro (Version 2.7.238 and earlier)
UniFi Access Intercom (Version 1.0.66 and earlier)
UniFi Access Intercom Viewer (Version 1.0.5 and earlier)
UniFi Connect Display (Version 1.9.324 and earlier)
UniFi Connect Display Cast (Version 1.6.225 and earlier)

Mitigation:
Update UniFi Connect Application to Version 3.10.7 or later.
Update UniFi Connect EV Station to Version 1.2.15 or later.
Update UniFi Connect EV Station Pro to Version 1.2.15 or later.
Update UniFi Access G2 Reader Pro to Version 1.3.37 or later.
Update UniFi Access Reader Pro to Version 2.8.19 or later.
Update UniFi Access Intercom to Version 1.1.32 or later.
Update UniFi Access Intercom Viewer to Version 1.1.6 or later.
Update UniFi Connect Display to Version 1.11.348 or later.
Update UniFi Connect Display Cast to Version 1.8.255 or later.
Impact
Base Score 3.x
2.20
Severity 3.x
LOW



