CVE-2019-25651
Received Received - Intake
AES-CBC Key Recovery in Ubiquiti UniFi Devices Enables Unauthorized Control

Publication date: 2026-03-27

Last updated on: 2026-04-29

Assigner: VulnCheck

Description
Ubiquiti UniFi Network Controller prior to 5.10.12 (excluding 5.6.42), UAP FW prior to 4.0.6, UAP-AC, UAP-AC v2, and UAP-AC Outdoor FW prior to 3.8.17, USW FW prior to 4.0.6, USG FW prior to 4.4.34 uses AES-CBC encryption for device-to-controller communication, which contains cryptographic weaknesses that allow attackers to recover encryption keys from captured traffic. Attackers with adjacent network access can capture sufficient encrypted traffic and exploit AES-CBC mode vulnerabilities to derive the encryption keys, enabling unauthorized control and management of network devices.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2026-03-27
Last Modified
2026-04-29
Generated
2026-06-16
AI Q&A
2026-03-28
EPSS Evaluated
2026-06-15
NVD
CVE-2019-25651
EUVD
EUVD-2019-20041
Affected Vendors & Products
Showing 7 associated CPEs
Vendor Product Version / Range
ubiquiti unifi_network_controller to 5.10.12 (exc)
ubiquiti uap_fw to 4.0.6 (exc)
ubiquiti uap-ac *
ubiquiti uap-ac_v2 *
ubiquiti uap-ac_outdoor_fw to 3.8.17 (exc)
ubiquiti usw_fw to 4.0.6 (exc)
ubiquiti usg_fw to 4.4.34 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-327 The product uses a broken or risky cryptographic algorithm or protocol.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Compliance Impact

The vulnerability allows attackers to recover encryption keys from captured traffic due to weaknesses in AES-CBC encryption used for device-to-controller communication. This unauthorized access and control over network devices could lead to breaches of confidentiality, integrity, and availability of sensitive data.

Such security weaknesses may impact compliance with common standards and regulations like GDPR and HIPAA, which require strong protection of personal and sensitive data. Failure to adequately secure network communications could result in violations of these regulations, potentially leading to legal and financial consequences.

Executive Summary

This vulnerability affects Ubiquiti UniFi Network Controller and various Ubiquiti device firmwares that use AES-CBC encryption for device-to-controller communication. The AES-CBC encryption mode used contains cryptographic weaknesses that allow attackers with adjacent network access to capture encrypted traffic and exploit these weaknesses to recover the encryption keys.

By recovering the encryption keys, attackers can gain unauthorized control and management capabilities over the affected network devices.

Impact Analysis

The impact of this vulnerability is significant because attackers who can capture encrypted traffic on an adjacent network can derive the encryption keys used for device communication.

This enables unauthorized control and management of network devices, potentially leading to network compromise, disruption of services, or unauthorized access to sensitive network configurations.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2019-25651. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart