CVE-2025-27215
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-08-21

Last updated on: 2025-08-22

Assigner: HackerOne

Description
An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier) Mitigation: Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-08-21
Last Modified
2025-08-22
Generated
2026-05-07
AI Q&A
2025-08-21
EPSS Evaluated
2026-05-05
NVD
CVE-2025-27215
EUVD
EUVD-2025-25443
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
ubiquiti unifi_connect_display_cast 1.10.3
ubiquiti unifi_connect_display_cast_lite 1.0.3
ubiquiti unifi_connect_display_cast_pro 1.0.89
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-284 The product does not restrict or incorrectly restricts access to a resource from an unauthorized actor.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is an Improper Access Control issue in certain UniFi Connect Display Cast devices. It allows a malicious actor who is authenticated in the device's API to make unsupported changes to the system, potentially altering its behavior or configuration in unintended ways.


How can this vulnerability impact me? :

If exploited, this vulnerability could allow an authenticated attacker to make unauthorized changes to the affected UniFi Connect Display Cast devices, which may lead to system instability, unauthorized configuration changes, or other security risks depending on what changes are made.


What immediate steps should I take to mitigate this vulnerability?

Update UniFi Connect Display Cast devices to the fixed versions: Version 1.10.7 or later for UniFi Connect Display Cast, Version 1.0.94 or later for UniFi Connect Display Cast Pro, and Version 1.1.8 or later for UniFi Connect Display Cast Lite.


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart