CVE-2025-27215

Опубликовано: 21 авг. 2025

Источник: nvd

CVSS3: 8.1

EPSS Низкий

Описание

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system.

Affected Products:

UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier)

Mitigation:

Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later

Ссылки

https://community.ui.com/releases/Security-Advisory-Bulletin-052-052/ac1251ee-5bb5-4cdf-8a71-68acd1775bb6

EPSS

Процентиль: 11%

0.00038

Низкий

8.1 High

CVSS3

Дефекты

CWE-284

Связанные уязвимости

GHSA-46r6-wcwr-w4xm

CVSS3: 8.1

github

6 месяцев назад

An Improper Access Control could allow a malicious actor authenticated in the API of certain UniFi Connect Display Cast devices to make unsupported changes to the system. Affected Products: UniFi Connect Display Cast (Version 1.10.3 and earlier) UniFi Connect Display Cast Pro (Version 1.0.89 and earlier) UniFi Connect Display Cast Lite (Version 1.0.3 and earlier) Mitigation: Update UniFi Connect Display Cast to Version 1.10.7 or later Update UniFi Connect Display Cast Pro to Version 1.0.94 or later Update UniFi Connect Display Cast Lite to Version 1.1.8 or later

EPSS

Процентиль: 11%

0.00038

Низкий

8.1 High

CVSS3

Дефекты

CWE-284