CVE-2025-27215HIGH 8.1EPSS p14.6%

CVE-2025-27215CVE-2025-27215

Description

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier) Mitigation: Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later

Scoring

CVSS 3.18.1 (HIGH)
VectorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
EPSS0.24% probability of exploitation · percentile 14.6% · 2026-06-18T12:00:27Z
Published2025-08-21
Last modified2026-04-15

Underlying weaknesses· 1

CWE-284

References

  1. https://community.ui.com/releases/Security-Advisory-Bulletin-052-052/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6

1

TypeTargetConfidenceTier
WeaknessImproper Access Controlcwe-2840%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
CVE-2026-34908
CVE
CVE-2025-27212
CVE
CVE-2025-52665
CVE
CVE-2026-22564
CVE
CVE-2026-21633
CVE
CVE-2025-23116
Sourced from NVD + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.