CVE-2025-27215
8.1
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system.
Affected Products:
UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier)
Mitigation:
Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Ubiquiti Inc | UniFi Connect Display Cast | 1.10.7 < 1.10.7 | affected |
| Ubiquiti Inc | UniFi Connect Display Cast Pro | 1.0.94 < 1.0.94 | affected |
| Ubiquiti Inc | UniFi Connect Display Cast Lite | 1.1.8 < 1.1.8 | affected |
Weaknesses
ADP Enrichment
CISA ADP Vulnrichment
- SSVC:
- Exploitation: none
- Automatable: no
- Technical Impact: total
References
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.