The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued urgent advisories for critical vulnerabilities in Ubiquiti UniFi OS and Lantronix serial-to-ethernet servers, confirming that hackers are actively exploiting the flaws. The agency emphasized the necessity of immediate patching, noting both vulnerabilities have been added to CISA's Known Exploited Vulnerabilities (KEV) catalog.

As reported by BleepingComputer on June 24, the separate advisories detail high-severity weaknesses in networking hardware from both vendors. The vulnerabilities carry the highest severity ratings and are being leveraged in real-world attacks, making proactive defense critical for all operators.

The inclusion in the KEV catalog is a significant indicator of risk. CISA requires federal civilian agencies to remediate KEV-listed vulnerabilities by a set deadline, sending a strong signal to all organizations about the priority of this issue. The agency is strongly urging all users of the affected products to apply vendor security updates without delay.

The impacted devices serve critical functions. Ubiquiti's UniFi OS is the firmware for its widely used routers, switches, and gateways; a compromise at this level could grant attackers control over a network's core infrastructure. Lantronix devices often bridge legacy serial equipment with modern Ethernet networks, frequently within industrial control systems and building automation environments, making them a high-value target for disrupting operational technology.

The coordinated alert highlights the persistent threat to widely deployed networking gear. According to the cited report, the vulnerabilities allow for remote code execution or authentication bypass, enabling attackers to compromise devices with minimal effort. Once seized, these devices can be used for lateral movement within a network or conscripted into botnets for larger attacks.

Organizations using affected Ubiquiti or Lantronix products should immediately consult the official CISA advisories and the referenced BleepingComputer report. The recommended actions include reviewing device models, verifying firmware versions, and implementing the latest patches from the vendors. Given the active exploitation, monitoring network traffic for anomalies and reviewing access logs for signs of compromise are also prudent measures.

