VYPR
patch · Published Feb 25, 2026 · Updated May 18, 2026 · 1 source

Ubiquiti AI Pro Camera Flaw Exposes Stored Credentials via Legacy Authentication

A cleartext transmission vulnerability in Ubiquiti Networks AI Pro cameras, disclosed as part of Pwn2Own, allows network-adjacent attackers to steal stored credentials without authentication.

The flaw, tracked as CVE-2026-21633, stems from the continued support of a legacy authentication method in the Ubiquiti AI Pro camera. According to an advisory from the Zero Day Initiative (ZDI), the vulnerability allows network-adjacent attackers to disclose sensitive information without requiring any authentication. The specific issue lies within the device authentication process, where the legacy method remains active, enabling an attacker to intercept and reveal stored credentials.

The vulnerability was discovered and reported by David BERARD of Synacktiv, a well-known security research firm. The disclosure was coordinated as part of the Pwn2Own hacking contest, where researchers demonstrate zero-day exploits against widely used products. Ubiquiti Networks has released a security update to address the issue, and users are urged to apply the patch immediately.

The AI Pro camera is a high-end surveillance device used in enterprise and industrial environments. The ability to extract stored credentials could allow an attacker to pivot to other systems on the same network, potentially leading to broader compromise. The CVSS score for this vulnerability is 5.3, indicating moderate severity, but the impact is heightened because exploitation requires no authentication.

Ubiquiti has published a security advisory (Bulletin 058) detailing the update and urging customers to upgrade their firmware. The advisory can be found on the Ubiquiti community forum. This disclosure highlights the ongoing risks posed by legacy authentication mechanisms in modern IoT devices, especially those deployed in sensitive environments.

The coordinated disclosure timeline shows the vulnerability was reported to Ubiquiti on November 26, 2025, with the public advisory released on February 25, 2026. This four-month window allowed the vendor to develop and distribute a fix before full details were made public. Organizations using Ubiquiti AI Pro cameras should prioritize applying the update to mitigate the risk of credential theft and subsequent network compromise.

Synthesized by Vypr AI