{
  "document" : {
    "aggregate_severity" : {
      "text" : "hoch"
    },
    "category" : "csaf_base",
    "csaf_version" : "2.0",
    "distribution" : {
      "tlp" : {
        "label" : "WHITE",
        "url" : "https://www.first.org/tlp/"
      }
    },
    "lang" : "de-DE",
    "notes" : [ {
      "category" : "legal_disclaimer",
      "text" : "Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen."
    }, {
      "category" : "description",
      "text" : "UniFi ist Ubiquiti's End-to-End-Netzwerk-Ökosystem für Unternehmen und Smart Homes.",
      "title" : "Produktbeschreibung"
    }, {
      "category" : "summary",
      "text" : "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in Ubiquiti UniFi Play PowerAmp und Audio Port ausnutzen, um beliebigen Programmcode auszuführen, Sicherheitsmaßnahmen zu umgehen, Daten zu manipulieren, vertrauliche Informationen offenzulegen und einen Denial-of-Service-Zustand zu verursachen.",
      "title" : "Angriff"
    }, {
      "category" : "general",
      "text" : "- Sonstiges",
      "title" : "Betroffene Betriebssysteme"
    } ],
    "publisher" : {
      "category" : "other",
      "contact_details" : "csaf-provider@cert-bund.de",
      "name" : "Bundesamt für Sicherheit in der Informationstechnik",
      "namespace" : "https://www.bsi.bund.de"
    },
    "references" : [ {
      "category" : "self",
      "summary" : "WID-SEC-W-2026-1076 - CSAF Version",
      "url" : "https://wid.cert-bund.de/.well-known/csaf/white/2026/wid-sec-w-2026-1076.json"
    }, {
      "category" : "self",
      "summary" : "WID-SEC-2026-1076 - Portal Version",
      "url" : "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2026-1076"
    }, {
      "category" : "external",
      "summary" : "Ubiquiti Security Advisory Bulletin 063 vom 2026-04-13",
      "url" : "https://community.ui.com/releases/Security-Advisory-Bulletin-063/e468dd4b-5090-4ef8-89d8-939903c08e83"
    } ],
    "source_lang" : "en-US",
    "title" : "Ubiquiti UniFi Play PowerAmp und Audio Port: Mehrere Schwachstellen",
    "tracking" : {
      "current_release_date" : "2026-04-13T22:00:00.000+00:00",
      "generator" : {
        "date" : "2026-04-14T09:39:03.011+00:00",
        "engine" : {
          "name" : "BSI-WID",
          "version" : "1.5.0"
        }
      },
      "id" : "WID-SEC-W-2026-1076",
      "initial_release_date" : "2026-04-13T22:00:00.000+00:00",
      "revision_history" : [ {
        "date" : "2026-04-13T22:00:00.000+00:00",
        "number" : "1",
        "summary" : "Initiale Fassung"
      } ],
      "status" : "final",
      "version" : "1"
    }
  },
  "product_tree" : {
    "branches" : [ {
      "branches" : [ {
        "branches" : [ {
          "category" : "product_version_range",
          "name" : "Play PowerAmp <1.0.38",
          "product" : {
            "name" : "Ubiquiti UniFi Play PowerAmp <1.0.38",
            "product_id" : "T052709"
          }
        }, {
          "category" : "product_version",
          "name" : "Play PowerAmp 1.0.38",
          "product" : {
            "name" : "Ubiquiti UniFi Play PowerAmp 1.0.38",
            "product_id" : "T052709-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:ubnt:unifi:play_poweramp__1.0.38"
            }
          }
        }, {
          "category" : "product_version_range",
          "name" : "Play Audio Port <1.1.9",
          "product" : {
            "name" : "Ubiquiti UniFi Play Audio Port <1.1.9",
            "product_id" : "T052710"
          }
        }, {
          "category" : "product_version",
          "name" : "Play Audio Port 1.1.9",
          "product" : {
            "name" : "Ubiquiti UniFi Play Audio Port 1.1.9",
            "product_id" : "T052710-fixed",
            "product_identification_helper" : {
              "cpe" : "cpe:/a:ubnt:unifi:play_audio_port__1.1.9"
            }
          }
        } ],
        "category" : "product_name",
        "name" : "UniFi"
      } ],
      "category" : "vendor",
      "name" : "Ubiquiti"
    } ]
  },
  "vulnerabilities" : [ {
    "cve" : "CVE-2026-22562",
    "product_status" : {
      "known_affected" : [ "T052709", "T052710" ]
    },
    "release_date" : "2026-04-13T22:00:00.000+00:00",
    "title" : "CVE-2026-22562"
  }, {
    "cve" : "CVE-2026-22563",
    "product_status" : {
      "known_affected" : [ "T052709", "T052710" ]
    },
    "release_date" : "2026-04-13T22:00:00.000+00:00",
    "title" : "CVE-2026-22563"
  }, {
    "cve" : "CVE-2026-22564",
    "product_status" : {
      "known_affected" : [ "T052709", "T052710" ]
    },
    "release_date" : "2026-04-13T22:00:00.000+00:00",
    "title" : "CVE-2026-22564"
  }, {
    "cve" : "CVE-2026-22565",
    "product_status" : {
      "known_affected" : [ "T052709", "T052710" ]
    },
    "release_date" : "2026-04-13T22:00:00.000+00:00",
    "title" : "CVE-2026-22565"
  }, {
    "cve" : "CVE-2026-22566",
    "product_status" : {
      "known_affected" : [ "T052709", "T052710" ]
    },
    "release_date" : "2026-04-13T22:00:00.000+00:00",
    "title" : "CVE-2026-22566"
  } ]
}