{“lastseen”:””,”description”:”An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge (ADB) and make unsupported changes to the system.\\r\\n\\r\\n \\r\\n\\r\\nAffected Products:\\r\\n\\r\\nUniFi Connect EV Station Pro (Version 1.5.18 and earlier)\\r\\nUniFi Connect Display (Version 1.9.324 and earlier)\\r\\nUniFi Connect Display Cast (Version 1.9.301 and earlier)\\r\\nUniFi Connect Display Cast Pro (Version 1.0.78 and earlier)\\r\\nUniFi Connect Display Cast Lite (Version 1.0.3 and earlier)\\r\\n\\r\\nMitigation:\\r\\n\\r\\nUpdate UniFi Connect EV Station Pro to Version 1.5.27 or later\\r\\nUpdate UniFi Connect Display to Version 1.13.6 or later\\r\\nUpdate UniFi Connect Display Cast to Version 1.10.3 or later\\r\\nUpdate UniFi Connect Display Cast Pro to Version 1.0.83 or later\\r\\nUpdate UniFi Connect Display Cast Lite to Version 1.1.3 or later”,”published”:”2025-08-21T00:01:24.222Z”,”modified”:”2025-08-21T14:07:45.141Z”,”type”:”cve”,”title”:”CVE-2025-27213″,”source”:”hackerone”,”references”:”https:\/\/community.ui.com\/releases\/Security-Advisory-Bulletin-052-052\/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6″,”id”:”CVE-2025-27213″,”bulletinFamily”:””,”cwe”:[“CWE-863″],”cvelist”:null,”sourceData”:”Ubiquiti Inc UniFi Connect EV Station Pro 1.5.27\\nUbiquiti Inc UniFi Connect Display 1.13.6\\nUbiquiti Inc UniFi Connect Display Cast 1.10.3\\nUbiquiti Inc UniFi Connect Display Cast Pro 1.0.83\\nUbiquiti Inc UniFi Connect Display Cast Lite 1.1.3″,”sourceHref”:””,”cvss”:{“score”:4.9,”severity”:”MEDIUM”,”vector”:”CVSS:3.1\/AV:N\/AC:L\/PR:H\/UI:N\/S:U\/C:N\/I:H\/A:N”,”version”:”3.1″},”cvss2″:{},”cvss3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””,”cvssV3″:{“version”:””,”vectorString”:””,”baseScore”:0,”baseSeverity”:””,”attackVector”:””,”attackComplexity”:””,”privilegesRequired”:””,”userInteraction”:””,”scope”:””,”confidentialityImpact”:””,”integrityImpact”:””,”availabilityImpact”:””}},”href”:””,”category_name”:”CVE”,”post_link”:””,”product”:”UniFi Connect EV Station Pro”,”version”:”1.5.27″,”vendor”:”Ubiquiti Inc”,”ai_description”:””,”ai_severity”:””,”ai_vendor”:””,”ai_product”:””,”ai_version”:””,”ai_score”:0}<\/p>\n","protected":false},"excerpt":{"rendered":"
{“lastseen”:””,”description”:”An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect devices to enable Android Debug Bridge (ADB) and…<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[2],"tags":[6,8,65,12,21,13,7,11,5],"class_list":["post-13863","post","type-post","status-publish","format-standard","hentry","category-category_cve","tag-cve","tag-cvss","tag-cvss-49","tag-exploit","tag-medium","tag-news","tag-security","tag-tapic","tag-vulnerability"],"yoast_head":"\n