PT-2025-34172 · Ubiquiti · Unifi Connect Display+2
Published: 2025-08-21 · Updated: 2025-08-21 · CVE-2025-27213
CVSS v3.1: 4.9 (Medium)
Vector: AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions:
UniFi Connect EV Station Pro versions 1.5.18 and earlier
UniFi Connect Display versions 1.9.324 and earlier
UniFi Connect Display Cast versions 1.9.301 and earlier
UniFi Connect Display Cast Pro versions 1.0.78 and earlier
UniFi Connect Display Cast Lite versions 1.0.3 and earlier
Description:
An improper access control flaw could allow a malicious actor authenticated to the API of certain UniFi Connect devices to enable Android Debug Bridge (ADB) and make unsupported changes to the system. Because the API allows enabling ADB, this can lead to unauthorized system modifications.
Recommendations:
Update UniFi Connect EV Station Pro to version 1.5.27 or later.
Update UniFi Connect Display to version 1.13.6 or later.
Update UniFi Connect Display Cast to version 1.10.3 or later.
Update UniFi Connect Display Cast Pro to version 1.0.83 or later.
Update UniFi Connect Display Cast Lite to version 1.1.3 or later.
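An added example (not part of the advisory and not Ubiquiti tooling) that triages a device inventory against the version bounds listed above, comparing version fields numerically so that 1.13.6 sorts after 1.9.324. The inventory rows, the function names and the "unlisted" status for builds that fall between the last affected and the first fixed version are assumptions of this example.

```python
# Added example: triage a device inventory against this advisory's version table.
# Version numbers come from the advisory; the inventory rows are constructed.

# product -> (last version listed as affected, first fixed version)
ADVISORY = {
    "UniFi Connect EV Station Pro": ("1.5.18", "1.5.27"),
    "UniFi Connect Display": ("1.9.324", "1.13.6"),
    "UniFi Connect Display Cast": ("1.9.301", "1.10.3"),
    "UniFi Connect Display Cast Pro": ("1.0.78", "1.0.83"),
    "UniFi Connect Display Cast Lite": ("1.0.3", "1.1.3"),
}

def parse_version(text):
    """Turn '1.13.6' into (1, 13, 6) so fields compare as numbers, not strings."""
    return tuple(int(part) for part in text.strip().split("."))

def triage(product, version):
    """Return 'affected', 'fixed', 'unlisted' or 'unknown-product'."""
    key = {name.lower(): name for name in ADVISORY}.get(product.strip().lower())
    if key is None:
        return "unknown-product"
    last_affected, first_fixed = (parse_version(v) for v in ADVISORY[key])
    current = parse_version(version)
    if current <= last_affected:
        return "affected"
    if current >= first_fixed:
        return "fixed"
    # Builds between the two bounds are not classified by the advisory (assumed label).
    return "unlisted"

def report(inventory):
    """Map each (host, product, version) row to its triage status."""
    return {host: triage(product, version) for host, product, version in inventory}

# Constructed sample inventory (hostnames and installed versions are made up).
SAMPLE_INVENTORY = [
    ("lobby-display", "UniFi Connect Display", "1.9.324"),
    ("cafe-display", "UniFi Connect Display", "1.13.6"),
    ("boardroom-cast", "UniFi Connect Display Cast", "1.10.3"),
    ("garage-ev", "UniFi Connect EV Station Pro", "1.5.20"),
    ("hall-cast-lite", "unifi connect display cast lite", "1.0.3"),
]

if __name__ == "__main__":
    for host, status in report(SAMPLE_INVENTORY).items():
        print(f"{host:16} {status}")
```

Devices reported as "affected" or "unlisted" should be moved to the fixed version named in the recommendations.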
Fix
Incorrect Authorization
Affected Products
UniFi Connect Display
UniFi Connect Display Cast
UniFi Connect EV Station Pro