Improper Access Control in UniFi Connect Display Cast Products by Ubiquiti
CVE-2025-27215

8.1HIGH

Key Information:

Vendor: Ubiquiti Inc
Status: Unifi Connect Display Cast; Unifi Connect Display Cast Pro; Unifi Connect Display Cast Lite
Vendor: CVE Published:; 21 August 2025

🔔 Create Ubiquiti Inc Vulnerability Alert

What is CVE-2025-27215?

An Improper Access Control vulnerability exists in specific versions of UniFi Connect Display Cast devices. This flaw enables an authenticated adversary to misuse API access, potentially enabling them to implement unauthorized changes to system settings, leading to a compromise of device integrity and security.

Affected Version(s)

UniFi Connect Display Cast 1.10.7

UniFi Connect Display Cast Lite 1.1.8

UniFi Connect Display Cast Pro 1.0.94

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Aug 21, 2025
Vulnerability Reserved
Feb 20, 2025

JSON