A significant security flaw has been identified in multiple Ubiquiti UniFi Access devices, potentially allowing unauthorized individuals to execute arbitrary commands remotely. This vulnerability, designated as CVE-2025-27212, arises from inadequate input validation mechanisms within the devices’ firmware. With a Common Vulnerability Scoring System (CVSS) v3.0 base score of 9.8, it is classified as critical, underscoring the urgency for immediate remediation.
Technical Details:
The core of this vulnerability lies in the improper validation of input data within the UniFi Access management network. Malicious actors who gain access to this network can exploit the flaw to inject and execute arbitrary commands on the affected devices. The attack vector is particularly concerning due to its low complexity and the absence of required privileges or user interaction, making it highly exploitable.
The CVSS v3.0 vector string for this vulnerability is CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H. This indicates that successful exploitation can lead to a complete compromise of the confidentiality, integrity, and availability of the affected systems.
Affected Products:
The vulnerability impacts the following UniFi Access product lines and firmware versions:
– UniFi Access Reader Pro (firmware version 2.14.21 and earlier)
– UniFi Access G2 Reader Pro (firmware version 1.10.32 and earlier)
– UniFi Access G3 Reader Pro (firmware version 1.10.30 and earlier)
– UniFi Access Intercom (firmware version 1.7.28 and earlier)
– UniFi Access G3 Intercom (firmware version 1.7.29 and earlier)
– UniFi Access Intercom Viewer (firmware version 1.3.20 and earlier)
Organizations utilizing these devices in their physical security infrastructure are at risk of unauthorized access to building management systems, surveillance networks, and access control mechanisms. The widespread use of these products suggests that numerous enterprise environments could be vulnerable.
Discovery and Disclosure:
Security researchers Bongeun Koo and Junhyung Cho identified this critical flaw. Their findings highlight the potential for attackers to exploit the vulnerability to gain unauthorized control over affected devices, posing significant risks to enterprise security infrastructures.
Mitigation Measures:
Ubiquiti has responded promptly by releasing firmware updates to address the vulnerability across all affected product lines. Network administrators are strongly advised to implement the following updates immediately:
– Update UniFi Access Reader Pro to firmware version 2.15.9 or later.
– Update UniFi Access G2 Reader Pro to firmware version 1.11.23 or later.
– Update UniFi Access G3 Reader Pro to firmware version 1.11.22 or later.
– Update UniFi Access Intercom and UniFi Access G3 Intercom to firmware version 1.8.22 or later.
– Update UniFi Access Intercom Viewer to firmware version 1.4.39 or later.
In addition to applying these critical updates, organizations should consider implementing the following security best practices:
– Network Segmentation: Isolate UniFi Access devices from the main enterprise network to limit potential attack vectors.
– Access Controls: Restrict access to the UniFi Access management network to authorized personnel only.
– Regular Audits: Conduct periodic security assessments to identify and mitigate potential vulnerabilities proactively.
Broader Implications:
This vulnerability is part of a series of security issues identified in Ubiquiti’s UniFi product line. For instance, earlier this year, a critical heap buffer overflow vulnerability (CVE-2025-23123) was discovered in UniFi Protect Cameras, allowing remote code execution. Such recurring vulnerabilities underscore the importance of continuous vigilance and prompt response to security advisories.
The exploitation of these vulnerabilities can have severe consequences, including unauthorized surveillance, data breaches, and potential entry points for further network infiltration. Therefore, it is imperative for organizations to stay informed about security updates and to implement recommended patches without delay.
Conclusion:
The discovery of CVE-2025-27212 in Ubiquiti UniFi Access devices serves as a critical reminder of the importance of robust cybersecurity measures. Organizations must prioritize the immediate application of firmware updates provided by Ubiquiti to mitigate this vulnerability. Additionally, adopting comprehensive security practices, such as network segmentation and regular audits, can further enhance the resilience of enterprise security infrastructures against potential threats.
