CVE-2025-27214 in UniFi Connect EV Station Pro

Summary

by MITRE • 08/21/2025

A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset.
Affected Products:

UniFi Connect EV Station Pro (Version 1.5.18 and earlier)
Mitigation:

Update UniFi Connect EV Station Pro to Version 1.5.27 or later


Analysis

by VulDB Data Team • 08/21/2025

The UniFi Connect EV Station Pro represents a critical infrastructure component within commercial electric vehicle charging networks, designed to provide secure and reliable charging services to fleet operators and businesses. This device operates as a sophisticated charging station that interfaces with enterprise networks while maintaining physical access points that could be exploited by adversaries. The vulnerability identified in version 1.5.18 and earlier affects the device's authentication mechanisms for critical functions, specifically undermining the security controls that should prevent unauthorized access to sensitive operational parameters.

This missing authentication for critical function vulnerability stems from inadequate verification processes during factory reset operations within the device's firmware implementation. The flaw allows an attacker with physical or adjacent network access to bypass authentication requirements and execute unauthorized factory reset procedures. Such a condition creates a significant security risk as factory reset operations typically restore device configurations to default states, potentially exposing network credentials, charging session data, and operational parameters that could be exploited for further attacks. The vulnerability aligns with CWE-306, which addresses missing authentication for critical functions, and represents a fundamental breakdown in the device's security architecture.

The operational impact of this vulnerability extends beyond simple unauthorized device reset capabilities. An attacker could potentially disrupt charging services for fleet vehicles, gain access to sensitive charging session data, or manipulate network configurations to create persistent access points. This threat vector is of particular concern in enterprise environments where EV charging stations are integrated with business networks, as it could enable attackers to establish footholds within corporate infrastructure. Exploitation requires either physical access to the device or adjacent network access, which makes the issue especially relevant for environments where physical device security cannot be guaranteed. According to the ATT&CK framework, this vulnerability maps to T1210 - Exploitation of Remote Services, and T1566 - Phishing, as attackers may need to gain physical access or use social engineering to reach the device.

The recommended mitigation strategy involves updating the UniFi Connect EV Station Pro firmware to version 1.5.27 or later, which addresses the authentication deficiency by implementing proper verification mechanisms for critical functions. This update ensures that factory reset operations require appropriate authentication credentials before execution, thereby preventing unauthorized access to device configuration parameters. Security administrators should also implement additional physical security measures such as device enclosures, access controls, and network segmentation to reduce the attack surface. Organizations should conduct comprehensive vulnerability assessments to identify all affected devices within their fleet management infrastructure and establish monitoring protocols to detect potential exploitation attempts. The firmware update process should be carefully planned to minimize service disruption while ensuring complete remediation of the vulnerability across all affected installations.
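The paragraph above asks operators to identify every affected unit across their fleet before planning the update. The following script is an added example (not VulDB's, Ubiquiti's or the advisory's own code) that audits a constructed inventory against the version boundaries the advisory states: firmware 1.5.18 and earlier is affected, 1.5.27 and later carries the fix. The inventory format (`name,model,firmware`), the device names and the non-Pro model label are all assumptions made for this example. It also handles the practical pitfall of comparing version strings lexicographically, which would misclassify a unit on 1.10.x as older than 1.5.x, and it separates out units that sit between the last known-affected version and the first fixed one, since the advisory makes no statement about those.

```python
"""Fleet inventory audit for CVE-2025-27214.

Added example, not code from VulDB or the vendor. Version boundaries come
from the advisory text; the inventory format and device names are constructed.
"""
from __future__ import annotations

PRO_MODEL = "UniFi Connect EV Station Pro"
AFFECTED_MAX = (1, 5, 18)  # advisory: "Version 1.5.18 and earlier" is affected
FIXED_MIN = (1, 5, 27)     # advisory: "Update ... to Version 1.5.27 or later"

# Constructed sample inventory, one device per line: name,model,firmware
SAMPLE_INVENTORY = """\
# name,model,firmware
ev-bay-01,UniFi Connect EV Station Pro,1.5.18
ev-bay-02,UniFi Connect EV Station Pro,1.5.27
ev-bay-03,UniFi Connect EV Station Pro,1.5.9
ev-bay-04,UniFi Connect EV Station Pro,1.10.0
ev-bay-05,other-charger-model,1.5.18
ev-bay-06,UniFi Connect EV Station Pro,1.5.20
"""


def parse_version(text: str) -> tuple[int, ...]:
    """Turn '1.5.18' into (1, 5, 18) so comparisons are numeric.

    Comparing the raw strings would give '1.10.0' < '1.5.18' and mark a
    patched unit as affected.
    """
    parts = text.strip().split(".")
    if not parts or not all(p.isdigit() for p in parts):
        raise ValueError(f"unparseable firmware version: {text!r}")
    return tuple(int(p) for p in parts)


def classify(model: str, firmware: str) -> str:
    """Classify one device against the advisory's version boundaries."""
    if model.strip() != PRO_MODEL:
        return "not_in_scope"          # advisory covers only the Pro model
    version = parse_version(firmware)
    if version <= AFFECTED_MAX:
        return "affected"              # inside the stated affected range
    if version < FIXED_MIN:
        # Newer than the last stated affected version but older than the
        # fixed release: the advisory says nothing about these, so they
        # are reported separately rather than assumed safe.
        return "below_fixed_version"
    return "fixed"


def audit(inventory_text: str) -> dict[str, str]:
    """Map each device name in the inventory to its classification."""
    results: dict[str, str] = {}
    for line in inventory_text.splitlines():
        if not line.strip() or line.startswith("#"):
            continue
        name, model, firmware = (field.strip() for field in line.split(",", 2))
        results[name] = classify(model, firmware)
    return results


if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device}: {status}")
```

Units reported as `affected` are the ones to schedule for the 1.5.27 update first; `below_fixed_version` units should be treated as unconfirmed rather than patched, because the advisory only states the fixed version, not the status of intermediate releases.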

Responsible: HackerOne

Reservation: 02/20/2025

Disclosure: 08/21/2025

Moderation: accepted

CPE: ready

EPSS: 0.00070

KEV: no

Activities: very low
