Ubiquiti Inc A.I CyberSecurity Scoring
Ubiquiti Inc
Company Information
Website:https://www.ubiquiti.com
Employees number:5
Number of followers:1,099
NAICS:5112
Industry Type:Software Development
Homepage:ubiquiti.com
Ubiquiti Inc Risk Score (AI oriented)
Between 700 and 749
Ubiquiti IncSoftware Development
Updated:
08/07/2026
08/07/2026
738/1000
Moderate
Ba
Ubiquiti Inc Global Score (TPRM)
xxxx
Ubiquiti IncSoftware Development
Score locked

Ubiquiti IncModerate
Current Score
738Ba (MODERATE)
01000
2 incidents
-5 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
738
JUNE 2026
743
Vulnerability
03 Jun 2026 • Ubiquiti Inc
Ubiquiti: Ubiquiti warns of new max severity UniFi OS vulnerability
Ubiquiti Patches Seven Critical Vulnerabilities in UniFi OS, Including Maximum-Severity Command Injection Flaw
738
CRITICAL-5
UBI1783499130
Ubiquiti Patches Seven Critical Vulnerabilities in UniFi OS, Including Maximum-Severity Command Injection Flaw
Ubiquiti has released security updates to address seven critical vulnerabilities in its UniFi OS, including a maximum-severity command injection flaw tracked as CVE-2026-50746. The vulnerability affects UniFi Connect Application (versions 3.4.16 and earlier), a management suite for commercial building operations such as smart lighting and EV chargers. Exploiting this improper access control flaw could allow attackers with network access to execute arbitrary commands on the host device. Users are advised to update to version 3.4.20 or later to mitigate the risk.
In the same update, Ubiquiti patched six additional critical-severity vulnerabilities (CVE-2026-50747, CVE-2026-50748, CVE-2026-54400, CVE-2026-54402, CVE-2026-55115, CVE-2026-55116) impacting UniFi Talk, UniFi Access, UniFi Protect, UniFi OS Server, and various routers, gateways, NAS, and surveillance systems. Six of these flaws can be exploited in low-complexity attacks without user interaction, though Ubiquiti has not confirmed whether any were actively exploited prior to patching.
Security firm Censys reports over 100,000 internet-exposed UniFi OS instances, with nearly 50,000 located in the U.S. However, it remains unclear how many have been secured or are honeypots.
Ubiquiti devices have been frequent targets of state-sponsored and cybercriminal groups, often repurposed into botnets for malicious activity. In February 2024, the FBI dismantled Moobot, a botnet of Ubiquiti Edge OS routers used by Russia’s GRU for cyberespionage. In 2022, CISA added an actively exploited AirOS command injection flaw (CVE-2010-5330) to its Known Exploited Vulnerabilities Catalog, requiring federal agencies to patch within three weeks. More recently, in June 2024, CISA warned of three actively exploited UniFi OS flaws, mandating remediation within three days. Security firm Bishop Fox later demonstrated how these vulnerabilities could be chained for remote code execution with elevated privileges, releasing a detection script to help identify vulnerable systems.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
REFERENCES
MAY 2026
743
APRIL 2026
742
MARCH 2026
742
FEBRUARY 2026
742
JANUARY 2026
742
DECEMBER 2025
741
NOVEMBER 2025
741
OCTOBER 2025
741
SEPTEMBER 2025
740
AUGUST 2025
740
JANUARY 2024
749
Cyber Attack
01 Jan 2024 • Ubiquiti Inc
Linksys, Hikvision, Cisco, Ubiquiti, Draytek, Fortinet, Araknis and Mimosa Networks: China-Linked JDY Botnet Uses 1,500+ SOHO and IoT Devices for Rapid Vulnerability Exploitation
China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure
731
CRITICAL-18
DOMCISLINDRAFORMIMHIKUBI1781173672
China-Linked JDY Botnet Expands, Targeting U.S. Critical Infrastructure
A resurgent botnet tied to China-backed threat actors has grown into one of the most sophisticated reconnaissance tools in operation. Dubbed JDY, the network now controls over 1,500 compromised small office/home office (SOHO) routers and IoT devices across the U.S., Europe, and Asia, doubling in size since January 2024.
Originally part of the KV-botnet operation linked to Volt Typhoon JDY was first detected in late 2023 as a covert scanning network used to gather intelligence on U.S. critical infrastructure. After U.S. authorities dismantled its companion KV cluster, JDY quietly rebuilt, expanding its reach and capabilities.
Researchers at Lumen’s Black Lotus Labs found that the botnet now targets devices from manufacturers including Cisco, Ubiquiti, Hikvision, Draytek, Linksys, Araknis, and Mimosa Networks. Its operators act with remarkable speed shifting scans to exploit newly disclosed vulnerabilities within hours of public disclosure. A recent example involved CVE-2026-35616, a Fortinet flaw, which JDY began probing almost immediately.
The botnet’s primary focus is U.S.-based networks, particularly those tied to military entities. By leveraging ordinary home and small business routers, JDY blends malicious traffic with legitimate activity, evading detection. Infected devices receive scanning tasks via Tor-hidden command-and-control (C2) servers, making attribution difficult. Scans span TCP, UDP, SSL, and ICMP protocols, with results compressed, encrypted, and sent back to a central server.
JDY’s malware, designed for MIPS and MIPSEL architectures, uses a lightweight bash dropper to infect devices, download payloads, and erase traces. Some devices are managed via Platypus, an open-source remote shell tool, with a known payload server at 149.248.3[.]38 (port 13339). The botnet’s distributed nature spreading scans across thousands of IPs helps it bypass traditional defenses like blocklists and geofencing.
Despite disruption efforts, JDY has proven resilient, adapting and expanding even after partial takedowns. Its rapid response to new vulnerabilities underscores the persistent threat posed by China-linked cyber espionage operations.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for Ubiquiti Inc ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in June 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in May 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in April 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in March 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in February 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in January 2026 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in December 2025 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in November 2025 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in October 2025 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in September 2025 ??
What was Ubiquiti Inc's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on Ubiquiti Inc's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with Ubiquiti Inc ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view Ubiquiti Inc's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?