Debugging Functionality Vulnerability in UniFi Talk Devices
CVE-2025-52663

7.3HIGH

Key Information:

Vendor

Ubiquiti Inc

Status
Unifi Talk Touch
Unifi Talk Touch Max
Unifi Talk G3 Phones
Vendor
CVE Published:
30 October 2025

What is CVE-2025-52663?

A vulnerability has been discovered in specific UniFi Talk devices where internal debugging features were unintentionally left enabled. This oversight could potentially allow an attacker with access to the management network of UniFi Talk devices to execute internal debugging operations via the device's API. Affected users are advised to update their devices to the latest versions: UniFi Talk Touch (1.21.17 or later), UniFi Talk Touch Max (2.21.23 or later), and UniFi Talk G3 Phones (3.21.27 or later) to mitigate this issue.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

UniFi Talk G3 Phones 3.21.27

UniFi Talk Touch 1.21.17

UniFi Talk Touch Max 2.21.23

References

https://community.ui.com/releases/Security-Advisory-Bulle...

CVSS V3.1

Score:
7.3
Severity:
HIGH
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.