CVE-2025-27214

Summary

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset.

Affected Products:

UniFi Connect EV Station Pro (Version 1.5.18 and earlier)

Mitigation:

Update UniFi Connect EV Station Pro to Version 1.5.27 or later

Affected Software

VendorProductVersion RangeStatus
Ubiquiti IncUniFi Connect EV Station Pro1.5.27 < 1.5.27affected

Weaknesses

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: yes
    • Technical Impact: total

References