UniFi Connect EV Station Pro Missing Authentication Vulnerability Allowing Unauthorized Factory Reset

Vulnerability

A vulnerability allowing unauthorized factory resets has been identified in the UniFi Connect EV Station Pro, affecting all versions through 1.5.18. The issue is missing authentication for critical functions, which could be exploited by a malicious actor with physical or adjacent access to the device.

Impact

Exploitation of this vulnerability allows for an unauthorized factory reset of the affected device.

Remediation

Users are advised to update UniFi Connect EV Station Pro to version 1.5.27 or later.
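
The following triage sketch is an added example, not part of the original advisory or any Ubiquiti tooling. It sorts a firmware inventory against the two version bounds stated above; the device names, the inventory format and the "unlisted" status for versions the advisory places in neither range are assumptions.

```python
import re

# Version bounds taken from the advisory text.
LAST_AFFECTED = (1, 5, 18)   # "all versions through 1.5.18"
FIRST_FIXED = (1, 5, 27)     # "update ... to version 1.5.27 or later"


def parse_version(text):
    """Parse 'MAJOR.MINOR.PATCH' (optional leading 'v') into a tuple of ints."""
    m = re.fullmatch(r"v?(\d+)\.(\d+)\.(\d+)", text.strip())
    if m is None:
        raise ValueError(f"unrecognized version string: {text!r}")
    return tuple(int(part) for part in m.groups())


def classify(version_text):
    """Return 'affected', 'fixed', 'unlisted' or 'unparsed' for one version."""
    try:
        version = parse_version(version_text)
    except ValueError:
        return "unparsed"
    # Compare numerically: as strings, "1.5.9" would sort above "1.5.18".
    if version <= LAST_AFFECTED:
        return "affected"
    if version >= FIRST_FIXED:
        return "fixed"
    # The advisory names neither range for 1.5.19 .. 1.5.26; plan an update anyway.
    return "unlisted"


def triage(inventory):
    """Group device names by status; everything except 'fixed' needs attention."""
    report = {"affected": [], "unlisted": [], "unparsed": [], "fixed": []}
    for name, version_text in inventory.items():
        report[classify(version_text)].append(name)
    return report


# Constructed sample inventory (hypothetical device name -> reported firmware).
SAMPLE_INVENTORY = {
    "garage-bay-1": "1.5.18",
    "garage-bay-2": "1.5.9",
    "lot-north": "1.5.27",
    "lot-south": "v1.6.0",
    "visitor-1": "1.5.22",
    "visitor-2": "unknown",
}

if __name__ == "__main__":
    for status, names in triage(SAMPLE_INVENTORY).items():
        print(f"{status:9s} {', '.join(names) or '-'}")
```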

Added: Aug 21, 2025, 1:19 AM
Updated: Aug 21, 2025, 1:19 AM

Vulnerability Rating

Custom Algorithm

spread: 0.0
impact: 2.5
exploitability: 3.3
remediation: 7.7
relevance: 0.4
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.