Keeping our devices up to date is one of the protection measures users have against possible attacks, since it gives us the latest available patches. In today's case, we look at an error in the firmware update of Ubiquiti, a popular brand of internet access devices.

This bug could allow Man-in-the-Middle attacks (someone intercepting a communication) that can execute code as if the attacker were an administrator.

The vulnerability is in the firmware update process: a Man-in-the-Middle attacker can sneak in a malicious firmware image, designed to attack the device at the moment it updates automatically.

The researcher awxylitol discovered this problem and quickly notified the company. The update command that runs the update checks with a Ubiquiti server for the latest firmware version and download address, and adds it whenever something new is available.

However, the bug allows an attacker to use a self-signed certificate and forge the download domain. This does not show any alert, so the user would not really know whether they are installing modified or legitimate firmware.

Ubiquiti has acted quickly and released a security update. It is always important to check whether there are new versions and patches that we can add to our systems and devices, to correct possible problems that may arise.

Nevertheless, it would be advisable to install this update manually rather than use automatic update, since it is precisely the automatic process that the attacker takes advantage of to introduce malicious files.
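The checks that the flawed update path skipped, and that a manual install can apply, shown as an added example (not Ubiquiti's code and not part of the original article): strict TLS validation, an exact-match download host, and a firmware digest compared against a value obtained out of band. The host `firmware.vendor.example`, the function names and the sample image are assumptions made up for this illustration.

```python
import hashlib
import hmac
import ssl
from urllib.parse import urlsplit

# Assumption: placeholder host, not the vendor's real download domain.
ALLOWED_HOSTS = {"firmware.vendor.example"}


def tls_context_is_strict(ctx: ssl.SSLContext) -> bool:
    """True only if the context rejects self-signed certs and wrong hostnames."""
    return ctx.verify_mode == ssl.CERT_REQUIRED and ctx.check_hostname


def download_url_is_trusted(url: str) -> bool:
    """Accept only https URLs whose exact host is on the allowlist."""
    parts = urlsplit(url)
    return parts.scheme == "https" and parts.hostname in ALLOWED_HOSTS


def image_matches_digest(image: bytes, expected_sha256: str) -> bool:
    """Compare the image's SHA-256 with a digest obtained out of band."""
    actual = hashlib.sha256(image).hexdigest()
    return hmac.compare_digest(actual, expected_sha256.strip().lower())


def safe_to_install(ctx, url, image, expected_sha256) -> bool:
    """All three checks must pass before the image is flashed."""
    return (tls_context_is_strict(ctx)
            and download_url_is_trusted(url)
            and image_matches_digest(image, expected_sha256))


if __name__ == "__main__":
    # Constructed sample data for the demonstration.
    image = b"constructed firmware image"
    published = hashlib.sha256(image).hexdigest()
    strict = ssl.create_default_context()
    lax = ssl.create_default_context()
    lax.check_hostname = False       # accepts a forged download domain
    lax.verify_mode = ssl.CERT_NONE  # accepts a self-signed certificate
    url = "https://firmware.vendor.example/fw.bin"
    print("strict client:", safe_to_install(strict, url, image, published))
    print("lax client:", safe_to_install(lax, url, image, published))
    print("tampered image:", safe_to_install(strict, url, image + b"x", published))
```

The digest check is what still catches a swapped image when the transport cannot be trusted, provided the expected value reaches the user over a different channel than the download itself.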

