diff --git a/source/backend/api/Areas/Property/Controllers/PropertyActivityController.cs b/source/backend/api/Areas/Property/Controllers/PropertyActivityController.cs index 3e541b0429..86657c9d14 100644 --- a/source/backend/api/Areas/Property/Controllers/PropertyActivityController.cs +++ b/source/backend/api/Areas/Property/Controllers/PropertyActivityController.cs @@ -132,12 +132,8 @@ public IActionResult CreatePropertyActivity(long propertyId, [FromBody] Property [TypeFilter(typeof(NullJsonResultFilter))] public IActionResult UpdatePropertyActivity(long propertyId, long activityId, [FromBody] PropertyActivityModel activityModel) { - if (propertyId != activityModel.ActivityProperties[0].PropertyId || activityId != activityModel.Id) - { - throw new BadRequestException("Invalid activity identifiers."); - } var activityEntity = _mapper.Map(activityModel); - var updatedProperty = _propertyService.UpdateActivity(activityEntity); + var updatedProperty = _propertyService.UpdateActivity(propertyId, activityId, activityEntity); return new JsonResult(_mapper.Map(updatedProperty)); } diff --git a/source/backend/api/Services/IPropertyService.cs b/source/backend/api/Services/IPropertyService.cs index c381325c33..69a075bd63 100644 --- a/source/backend/api/Services/IPropertyService.cs +++ b/source/backend/api/Services/IPropertyService.cs @@ -34,7 +34,7 @@ public interface IPropertyService PimsPropertyActivity CreateActivity(PimsPropertyActivity propertyActivity); - PimsPropertyActivity UpdateActivity(PimsPropertyActivity propertyActivity); + PimsPropertyActivity UpdateActivity(long propertyId, long activityId, PimsPropertyActivity propertyActivity); bool DeleteActivity(long activityId); } diff --git a/source/backend/api/Services/PropertyService.cs b/source/backend/api/Services/PropertyService.cs index 63dc96c5c9..9b9af98479 100644 --- a/source/backend/api/Services/PropertyService.cs +++ b/source/backend/api/Services/PropertyService.cs 
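Review bot: With the guard removed, nothing in `UpdatePropertyActivity` shows that the route `propertyId` and `activityId` are still checked against the body. A comment above the service call would keep that visible, for example `// propertyId/activityId are validated against the payload in IPropertyService.UpdateActivity.` The controller now passes whatever the mapper produces straight to the service. If an empty request body can reach this action (not visible here), the service would dereference a null entity and presumably return a 500 rather than a 400. The action's attributes and route begin outside the hunk.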
@@ -240,11 +240,17 @@ public PimsPropertyActivity CreateActivity(PimsPropertyActivity propertyActivity return propertyActivityResult; } - public PimsPropertyActivity UpdateActivity(PimsPropertyActivity propertyActivity) + public PimsPropertyActivity UpdateActivity(long propertyId, long activityId, PimsPropertyActivity propertyActivity) { _logger.LogInformation("Updating property Activity..."); _user.ThrowIfNotAuthorized(Permissions.ManagementEdit, Permissions.PropertyEdit); + if (!propertyActivity.PimsPropPropActivities.Any(x => x.PropertyId == propertyId && x.PimsPropertyActivityId == activityId) + || propertyActivity.PimsPropertyActivityId != activityId) + { + throw new BadRequestException("Invalid activity identifiers."); + } + var propertyActivityResult = _propertyActivityRepository.Update(propertyActivity); _propertyActivityRepository.CommitTransaction(); diff --git a/source/backend/tests/unit/api/Services/PropertyServiceTest.cs b/source/backend/tests/unit/api/Services/PropertyServiceTest.cs index f2cd6609fd..a1b40e13f9 100644 --- a/source/backend/tests/unit/api/Services/PropertyServiceTest.cs +++ b/source/backend/tests/unit/api/Services/PropertyServiceTest.cs 
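Review bot: The new guard uses `Any(...)`, so a payload passes as soon as one `PimsPropPropActivities` row matches the route ids, and every other row is handed to `_propertyActivityRepository.Update` unchecked, including rows whose `PimsPropertyActivityId` names a different activity. If the repository persists child rows from the payload (not visible in this hunk), a caller holding the edit permissions could change associations outside the activity named in the URL. Consider also rejecting foreign rows by adding `|| propertyActivity.PimsPropPropActivities.Any(x => x.PimsPropertyActivityId != activityId)` to the condition, adjusted if new rows legitimately arrive with an unset id. Both sides of the comparison come from the request, so this checks consistency only; whether the stored activity really belongs to `propertyId` still has to be established against the database. The method body continues past the end of the hunk.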
@@ -344,6 +344,148 @@ public void Get_PropertyManagement_Activities_NoPermission() repository.Verify(x => x.GetActivity(It.IsAny()), Times.Never); } + [Fact] + public void Update_PropertyManagement_Activity_NoPermission() + { + // Arrange + var service = this.CreatePropertyServiceWithPermissions(); + var repository = this._helper.GetService>(); + + // Act + Action act = () => service.UpdateActivity(1, 100, new PimsPropertyActivity()); + + // Assert + act.Should().Throw(); + repository.Verify(x => x.Update(It.IsAny()), Times.Never); + } + + [Fact] + public void Update_PropertyManagement_Activity_InvalidIdentifiers_Wrong_PropertyId() + { + // Arrange + var service = this.CreatePropertyServiceWithPermissions(Permissions.ManagementEdit, Permissions.PropertyEdit); + var repository = this._helper.GetService>(); + + // Act + Action act = () => service.UpdateActivity(1, 10, new PimsPropertyActivity() + { + PimsPropertyActivityId = 10, + PimsPropPropActivities = new List() + { + new PimsPropPropActivity() + { + PropPropActivityId = 100, + PropertyId = 2, + PimsPropertyActivityId = 10, + }, + new PimsPropPropActivity() + { + PropPropActivityId = 101, + PropertyId = 2, + PimsPropertyActivityId = 11, + } + } + }); ; + + // Assert + act.Should().Throw(); + repository.Verify(x => x.Update(It.IsAny()), Times.Never); + } + + [Fact] + public void Update_PropertyManagement_Activity_InvalidIdentifiers_Wrong_ActivityId() + { + // Arrange + var service = this.CreatePropertyServiceWithPermissions(Permissions.ManagementEdit, Permissions.PropertyEdit); + var repository = this._helper.GetService>(); + + // Act + Action act = () => service.UpdateActivity(1, 20, new PimsPropertyActivity() + { + PimsPropertyActivityId = 10, + PimsPropPropActivities = new List() + { + new PimsPropPropActivity() + { + PropPropActivityId = 100, + PropertyId = 1, + PimsPropertyActivityId = 10, + }, + new PimsPropPropActivity() + { + PropPropActivityId = 101, + PropertyId = 1, + PimsPropertyActivityId = 30, + } + 
} + }); ; + + // Assert + act.Should().Throw(); + repository.Verify(x => x.Update(It.IsAny()), Times.Never); + } + + [Fact] + public void Update_PropertyManagement_Activity_InvalidIdentifiers_Wrong_Model_ActivityId() + { + // Arrange + var service = this.CreatePropertyServiceWithPermissions(Permissions.ManagementEdit, Permissions.PropertyEdit); + var repository = this._helper.GetService>(); + + // Act + Action act = () => service.UpdateActivity(1, 20, new PimsPropertyActivity() + { + PimsPropertyActivityId = 500, + PimsPropPropActivities = new List() + { + new PimsPropPropActivity() + { + PropPropActivityId = 100, + PropertyId = 1, + PimsPropertyActivityId = 20, + } + } + }); ; + + // Assert + act.Should().Throw(); + repository.Verify(x => x.Update(It.IsAny()), Times.Never); + } + + [Fact] + public void Update_PropertyManagement_Activity_Success() + { + // Arrange + var service = this.CreatePropertyServiceWithPermissions(Permissions.ManagementEdit, Permissions.PropertyEdit); + var repository = this._helper.GetService>(); + repository.Setup(x => x.Update(It.IsAny())).Returns(new PimsPropertyActivity()); + + // Act + var result = service.UpdateActivity(1, 10, new PimsPropertyActivity() + { + PimsPropertyActivityId = 10, + PimsPropPropActivities = new List() + { + new PimsPropPropActivity() + { + PropPropActivityId = 100, + PropertyId = 1, + PimsPropertyActivityId = 10, + }, + new PimsPropPropActivity() + { + PropPropActivityId = 101, + PropertyId = 1, + PimsPropertyActivityId = 11, + } + } + }); + + // Assert + Assert.NotNull(result); + repository.Verify(x => x.Update(It.IsAny()), Times.Once); + } + [Fact] public void Delete_PropertyManagementActivity_NoPermission() {
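Review bot: `Update_PropertyManagement_Activity_Success` builds a payload whose second row has `PimsPropertyActivityId = 11` under activity 10, which pins acceptance of a child row for a different activity as expected behaviour. If that is not intended, make the fixture consistent and add a case asserting `BadRequestException` when a matching row is accompanied by a row for another activity. A case for an empty `PimsPropPropActivities` list is also missing. The three invalid-identifier tests end their `Action` with `}); ;`, and the stray second semicolon should be dropped.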