Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Ubiquiti Inc

Ubiquiti Inc Vendor Cyber Rating & Cyber Score

ubiquiti.com

Ubiquiti develops data-driven decision support software products. Our expertise in analytics, artificial intelligence and natural language processing helps organizations and individuals make best use of available data resources.


Ubiquiti Inc A.I CyberSecurity Scoring

Ubiquiti Inc
Company Information
Website:https://www.ubiquiti.com
Employees number:5
Number of followers:1,099
NAICS:5112
Industry Type:Software Development
Homepage:ubiquiti.com
Ubiquiti Inc Risk Score (AI oriented)
Between 700 and 749
logo
Ubiquiti IncSoftware Development
Updated:
08/07/2026
738/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Ubiquiti Inc Global Score (TPRM)
xxxx
logo
Ubiquiti IncSoftware Development
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Ubiquiti Inc
Ubiquiti IncModerate
Current Score
738Ba (MODERATE)
01000
2 incidents
-5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
738Before Incident
JUNE 2026
743Before Incident
Vulnerability
03 Jun 2026Ubiquiti Inc
Ubiquiti: Ubiquiti warns of new max severity UniFi OS vulnerability

Ubiquiti Patches Seven Critical Vulnerabilities in UniFi OS, Including Maximum-Severity Command Injection Flaw

738After Incident
CRITICAL-5
UBI1783499130
Ubiquiti Patches Seven Critical Vulnerabilities in UniFi OS, Including Maximum-Severity Command Injection Flaw Ubiquiti has released security updates to address seven critical vulnerabilities in its UniFi OS, including a maximum-severity command injection flaw tracked as CVE-2026-50746. The vulnerability affects UniFi Connect Application (versions 3.4.16 and earlier), a management suite for commercial building operations such as smart lighting and EV chargers. Exploiting this improper access control flaw could allow attackers with network access to execute arbitrary commands on the host device. Users are advised to update to version 3.4.20 or later to mitigate the risk. In the same update, Ubiquiti patched six additional critical-severity vulnerabilities (CVE-2026-50747, CVE-2026-50748, CVE-2026-54400, CVE-2026-54402, CVE-2026-55115, CVE-2026-55116) impacting UniFi Talk, UniFi Access, UniFi Protect, UniFi OS Server, and various routers, gateways, NAS, and surveillance systems. Six of these flaws can be exploited in low-complexity attacks without user interaction, though Ubiquiti has not confirmed whether any were actively exploited prior to patching. Security firm Censys reports over 100,000 internet-exposed UniFi OS instances, with nearly 50,000 located in the U.S. However, it remains unclear how many have been secured or are honeypots. Ubiquiti devices have been frequent targets of state-sponsored and cybercriminal groups, often repurposed into botnets for malicious activity. In February 2024, the FBI dismantled Moobot, a botnet of Ubiquiti Edge OS routers used by Russia’s GRU for cyberespionage. In 2022, CISA added an actively exploited AirOS command injection flaw (CVE-2010-5330) to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch within three weeks. More recently, in June 2024, CISA warned of three actively exploited UniFi OS flaws, mandating remediation within three days. Security firm Bishop Fox later demonstrated how these vulnerabilities could be chained for remote code execution with elevated privileges, releasing a detection script to help identify vulnerable systems.
INCIDENT DETAILS -
TYPE
Vulnerability DisclosurePatch Release
MOTIVATION
CyberespionageBotnet CreationMalicious Activity
IMPACT
Systems Affected: UniFi OS instances, routers, gateways, NAS, surveillance systems, UniFi Connect, UniFi Talk, UniFi Access, UniFi ProtectOperational Impact: Potential arbitrary command execution on host devices, remote code execution with elevated privilegesBrand Reputation Impact: Potential negative impact due to frequent targeting by threat actors
MAY 2026
743Before Incident
APRIL 2026
742Before Incident
MARCH 2026
742Before Incident
FEBRUARY 2026
742Before Incident
JANUARY 2026
742Before Incident
DECEMBER 2025
741Before Incident
NOVEMBER 2025
741Before Incident
OCTOBER 2025
741Before Incident
SEPTEMBER 2025
740Before Incident
AUGUST 2025
740Before Incident
JANUARY 2024
749Before Incident
Cyber Attack
01 Jan 2024Ubiquiti Inc
Linksys, Hikvision, Cisco, Ubiquiti, Draytek, Fortinet, Araknis and Mimosa Networks: China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation

China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure

731After Incident
CRITICAL-18
DOMCISLINDRAFORMIMHIKUBI1781173672
China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure A resurgent botnet tied to China-backed threat actors has grown into one of the most sophisticated reconnaissance tools in operation. Dubbed JDY, the network now controls over 1,500 compromised small office/home office (SOHO) routers and IoT devices across the U.S., Europe, and Asia, doubling in size since January 2024. Originally part of the KV-botnet operation linked to Volt Typhoon JDY was first detected in late 2023 as a covert scanning network used to gather intelligence on U.S. critical infrastructure. After U.S. authorities dismantled its companion KV cluster, JDY quietly rebuilt, expanding its reach and capabilities. Researchers at Lumen’s Black Lotus Labs found that the botnet now targets devices from manufacturers including Cisco, Ubiquiti, Hikvision, Draytek, Linksys, Araknis, and Mimosa Networks. Its operators act with remarkable speed shifting scans to exploit newly disclosed vulnerabilities within hours of public disclosure. A recent example involved CVE-2026-35616, a Fortinet flaw, which JDY began probing almost immediately. The botnet’s primary focus is U.S.-based networks, particularly those tied to military entities. By leveraging ordinary home and small business routers, JDY blends malicious traffic with legitimate activity, evading detection. Infected devices receive scanning tasks via Tor-hidden command-and-control (C2) servers, making attribution difficult. Scans span TCP, UDP, SSL, and ICMP protocols, with results compressed, encrypted, and sent back to a central server. JDY’s malware, designed for MIPS and MIPSEL architectures, uses a lightweight bash dropper to infect devices, download payloads, and erase traces. Some devices are managed via Platypus, an open-source remote shell tool, with a known payload server at 149.248.3[.]38 (port 13339). The botnet’s distributed nature spreading scans across thousands of IPs helps it bypass traditional defenses like blocklists and geofencing. Despite disruption efforts, JDY has proven resilient, adapting and expanding even after partial takedowns. Its rapid response to new vulnerabilities underscores the persistent threat posed by China-linked cyber espionage operations.
INCIDENT DETAILS -
TYPE
Botnet, Cyber Espionage
MOTIVATION
Cyber espionage, intelligence gathering on U.S. critical infrastructure
IMPACT
Data Compromised: Reconnaissance data, network intelligenceSystems Affected: 1,500+ SOHO routers and IoT devicesOperational Impact: Potential disruption of critical infrastructure networks
DATA BREACH
Type Of Data Compromised: Network intelligence, reconnaissance dataSensitivity Of Data: High (military and critical infrastructure-related)Data Exfiltration: Yes (compressed and encrypted data sent to C2 servers)Data Encryption: Yes (payloads encrypted)

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Ubiquiti Inc ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Ubiquiti Inc's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Ubiquiti Inc ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Ubiquiti Inc's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?