CVE-2025-23123

CRITICAL Year: 2025
CVSS v3 Score
10.0
Critical
Weakness Type
CWE-122
View all →

Vulnerability Description

A malicious actor with access to the management network could execute a remote code execution (RCE) by exploiting a heap buffer overflow vulnerability in the UniFi Protect Cameras (Version 4.75.43 and earlier) firmware.

Related Vulnerabilities

CVE-2021-21940

CRITICAL
CVSS:10.0(Critical)

A heap-based buffer overflow vulnerability exists in the pushMuxer processRtspInfo functionality of Anker Eufy Homebase 2 2.1.6.9h. A specially-crafted network packet can lead to a heap buffer overflo...

CWE-1222021

CVE-2021-25387

CRITICAL
CVSS:10.0(Critical)

An improper input validation vulnerability in sflacfd_get_frm() in libsflacextractor library prior to SMR MAY-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process.

CWE-1222021

CVE-2021-40426

CRITICAL
CVSS:10.0(Critical)

A heap-based buffer overflow vulnerability exists in the sphere.c start_read() functionality of Sound Exchange libsox 14.4.2 and master commit 42b3557e. A specially-crafted file can lead to a heap buf...

CWE-1222021

CVE-2022-34819

CRITICAL
CVSS:10.0(Critical)

A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions < V3.3.46), SIMATIC CP 1243-1 (All versions < V3.3.46), SIMATIC CP 1243-7 LTE EU (All versions < V3.3.46), SIMATIC CP 1243-7 L...

CWE-1222022

CVE-2016-9603

CRITICAL
CVSS:9.9(Critical)

A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support before 2.9; the issue could occur when a VNC client attempted to update its display after a V...

CWE-1222016

CVE-2014-9187

CRITICAL
CVSS:9.8(Critical)

Multiple heap-based buffer overflow vulnerabilities exist in Honeywell Experion PKS all versions prior to R400.6, all versions prior to R410.6, and all versions prior to R430.2 modules, which could le...

CWE-1222014