Missing Authentication in UniFi Connect EV Station Pro by Ubiquiti
CVE-2025-27214

9.8CRITICAL

Key Information:

Vendor: Ubiquiti Inc
Status: Unifi Connect Ev Station Pro
Vendor: CVE Published:; 21 August 2025

🔔 Create Ubiquiti Inc Vulnerability Alert

What is CVE-2025-27214?

The UniFi Connect EV Station Pro is susceptible to a Missing Authentication for Critical Function vulnerability, which may permit a malicious actor with physical or adjacent access to execute an unauthorized factory reset. This flaw poses significant risks, as it could lead to an unauthorized system reset, compromising device integrity and data security. To mitigate this risk, users are advised to update to version 1.5.27 or later.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

UniFi Connect EV Station Pro 1.5.27

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.1

Score:

9.8

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2025
Vulnerability Reserved
Feb 20, 2025

JSON

Ubiquiti Inc

What is CVE-2025-27214?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.