UniFi MFA, Cisco SD-WAN & Enterprise Network Security Updates
MFA Your UniFi Now, Patch Cisco SD-WAN Yesterday, and HPE Goes All-In on AI Networking
Two actively exploited vulnerabilities and a long-overdue UniFi security reminder make this a patch-heavy Wednesday — don't close this tab until you've acted on at least one of these.
Enable MFA on Your UniFi Controller — This Is No Longer a Suggestion
Willie Howe dropped a post yesterday that should be required reading for anyone running a UniFi stack: if your controller, UniFi Network Server, or UniFi OS console doesn't have MFA enabled, you're one credential stuffing attack away from a very bad day.
This isn't theoretical. Exposed UniFi controllers are actively targeted, and the default username/password combinations that survive from initial setup are low-hanging fruit for automated scanners. The fix takes about five minutes — enable MFA under your Ubiquiti SSO account settings, and if you're running a self-hosted controller, make sure it isn't directly exposed to the internet without at minimum a VPN or reverse proxy in front of it.
For home lab folks: yes, this applies to you too. Your Dream Machine Pro sitting behind a residential IP with remote access enabled is absolutely on someone's scan list.
For MSPs managing client UniFi deployments: audit your accounts now. A single compromised Ubiquiti SSO account can cascade across every site you manage.
Willie's full walkthrough covers the specific settings across controller types. Go read it, then go fix it.
Cisco SD-WAN Manager Is Being Actively Exploited — Patch by June 29 or Sooner
Cisco confirmed patches for CVE-2026-20262 in Catalyst SD-WAN Manager, and the word "actively exploited" in the advisory should be all the motivation you need. Federal agencies have a hard deadline of June 29 under CISA's Known Exploited Vulnerabilities catalog — but if you're running Catalyst SD-WAN Manager in any environment, waiting until the 29th is a gamble you shouldn't take.
The vulnerability affects SD-WAN Manager's management plane, which means a successful exploit gives an attacker a foothold into the orchestration layer of your WAN — not just one device, but potentially visibility and control across your entire SD-WAN fabric. That's a catastrophic blast radius.
What to do right now:
- Pull your Catalyst SD-WAN Manager version and cross-reference against Cisco's advisory
- Apply the patched release as soon as your change window allows
- Review management plane access controls and ensure SD-WAN Manager isn't exposed to untrusted networks
- Check your logs for any anomalous API activity going back 30 days
If you're an MSP or enterprise engineer who inherited a Cisco SD-WAN deployment and aren't sure of the exact version running, now is the time to find out — not after an incident.
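For the last two checklist items, here is one way to run the 30-day review. This is an added example, not Cisco's tooling or anything from the advisory. It assumes a reverse proxy in front of the manager writing Common Log Format; the trusted networks, the `/api/` path prefix, and the sample lines are all constructed placeholders to swap for your own.

```python
import ipaddress
import re
from collections import Counter
from datetime import datetime, timedelta, timezone

# Assumption: networks allowed to reach the management plane (constructed values).
TRUSTED_NETS = [ipaddress.ip_network(n) for n in ("10.20.0.0/24", "192.0.2.16/28")]
LOOKBACK = timedelta(days=30)

# Common Log Format as written by a reverse proxy in front of the manager
# (assumed; this is not SD-WAN Manager's native log format).
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

SAMPLE = [  # constructed log lines for illustration
    '10.20.0.5 - admin [10/Jun/2026:09:00:00 +0000] "GET /api/device HTTP/1.1" 200 512',
    '203.0.113.77 - - [12/Jun/2026:02:14:09 +0000] "POST /api/template HTTP/1.1" 401 64',
    '203.0.113.77 - - [12/Jun/2026:02:14:11 +0000] "POST /api/template HTTP/1.1" 200 900',
    '198.51.100.9 - - [01/Apr/2026:11:00:00 +0000] "GET /api/device HTTP/1.1" 200 512',
    '203.0.113.77 - - [12/Jun/2026:02:15:00 +0000] "GET /index.html HTTP/1.1" 200 100',
]

def review(lines, now, api_prefix="/api/"):
    """Return (untrusted_hits, auth_failures) for API requests inside the lookback window."""
    untrusted, failures = [], Counter()
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the review
        ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
        if not (now - LOOKBACK <= ts <= now) or not m["path"].startswith(api_prefix):
            continue  # outside the 30-day window, or not an API call
        try:
            ip = ipaddress.ip_address(m["ip"])
        except ValueError:
            continue  # client field is not an IP address
        if not any(ip in net for net in TRUSTED_NETS):
            untrusted.append((ts.isoformat(), str(ip), m["method"], m["path"], m["status"]))
        if m["status"] in ("401", "403"):
            failures[str(ip)] += 1  # repeated auth failures per source are worth a look
    return untrusted, failures

if __name__ == "__main__":
    hits, fails = review(SAMPLE, datetime(2026, 6, 17, tzinfo=timezone.utc))
    for h in hits:
        print("untrusted source hit:", h)
    print("auth failures by source:", dict(fails))
```

Any hit from outside your management networks means the access-control item on the list above needs attention regardless of patch status.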
LiteSpeed cPanel Plugin: Root Escalation, Patch Deadline Is Tomorrow
CISA added CVE-2026-54420 to the KEV list, and the federal patch deadline is June 18 — that's tomorrow. The flaw lives in the LiteSpeed cPanel plugin and allows privilege escalation to root, which is about as bad as it gets on a shared or VPS hosting environment.
If you're running cPanel with LiteSpeed on any server — whether that's a home lab box, a small business web server, or a client's hosting environment — check your plugin version today. LiteSpeed has released a patched version; the update path through WHM/cPanel is straightforward.
The broader concern here is that privilege escalation to root via a web server plugin is exactly the kind of vulnerability that gets chained with other exploits. An attacker who can get any foothold on your server (compromised WordPress credentials, a vulnerable theme, anything) can use this to own the entire machine.
This one hits closer to home than a lot of CISA advisories — small business web hosting and homelab web servers running cPanel/LiteSpeed are common in this community. Check your stack before end of day.
UniFi Enterprise Firewall Core 5.1.19 Beta Is Out — Worth a Look
Ubiquiti pushed UniFi OS Enterprise Firewall Core 5.1.19 into beta, and if you're running enterprise firewall hardware in a test or lab environment, this is a good time to get eyes on it.
The release notes cite improvements and bugfixes across enterprise firewall deployments — vague, as Ubiquiti betas often are, but the Enterprise Firewall line has been maturing steadily and each beta cycle tends to surface meaningful stability improvements before they hit stable.
If you're running an Enterprise Fortress or similar hardware in production, hold off — this is beta, and your production firewall is not the place to find out what the bugfixes were fixing. But if you have a lab unit or a secondary site where you can absorb some risk, throwing 5.1.19 on it and running it through its paces helps the community and gives you early visibility into what's coming.
Drop your findings in the Ubiquiti forums thread — beta feedback actually does move the needle on what gets addressed before stable release.
HPE Leans Hard Into AI Networking at Discover 2026
HPE used Discover 2026 to announce a wave of new switches and further integration of Juniper and Aruba technologies, all aimed squarely at AI workload optimization. The headline is high-bandwidth, low-latency fabric switching designed for GPU cluster interconnects and the kind of east-west traffic that AI training and inference workloads generate at scale.
The Juniper/Aruba integration story continues to be the subplot worth watching. HPE has been methodically blending these product lines since the Juniper acquisition closed, and the Discover announcements suggest the unified portfolio is getting more coherent — though "coherent" and "simple to buy" are still two different things in HPE's world.
For most of us in the Upstate SC market, this isn't a "buy now" announcement — it's a "know what's coming" one. If you're advising clients on 3–5 year infrastructure roadmaps, AI-optimized networking is moving from data center curiosity to mainstream consideration faster than most people expected. HPE is positioning aggressively, which means Cisco and Arista will respond, and prices on current-gen gear may get interesting.
Worth a read if you're doing any enterprise switching evaluations in the next 12 months.