CVE-2025-24285 identifies a critical security vulnerability in the UniFi Connect EV Station Lite, a product by Ubiquiti Inc used for managing electric vehicle charging stations. The vulnerability stems from multiple improper input validation flaws (CWE-77) that enable command injection attacks. An attacker with network access to the device can send specially crafted inputs that are not properly sanitized, allowing arbitrary command execution on the underlying system. This can lead to complete compromise of the device, including unauthorized control over EV charging operations and potential pivoting to other network assets. The vulnerability affects all versions up to and including 1.5.1, with a fix released in version 1.5.2. The CVSS v3.1 base score is 9.8, reflecting network attack vector (AV:N), no required privileges (PR:N), no user interaction (UI:N), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). Although no public exploits have been reported yet, the critical nature and ease of exploitation make this a high-priority issue. The vulnerability was reserved in January 2025 and published in August 2025. Given the product’s role in EV infrastructure, exploitation could disrupt critical services and pose safety risks.

The impact of CVE-2025-24285 is severe for organizations deploying UniFi Connect EV Station Lite devices. Successful exploitation allows attackers to execute arbitrary commands remotely without authentication, leading to full device compromise. This can result in unauthorized control over EV charging stations, potentially disrupting charging availability, causing denial of service, or manipulating charging parameters. The breach of confidentiality could expose sensitive operational data and network configurations. Integrity and availability impacts are critical as attackers can alter device behavior or render it inoperable, affecting EV users and infrastructure reliability. Additionally, compromised devices could serve as footholds for lateral movement within enterprise or utility networks, increasing the risk of broader attacks. The vulnerability’s network accessibility and lack of required privileges amplify the threat, making it a significant risk for utilities, EV charging operators, and enterprises integrating these devices into their infrastructure.

To mitigate CVE-2025-24285, organizations should immediately update all UniFi Connect EV Station Lite devices to firmware version 1.5.2 or later, which contains the necessary patches to address the improper input validation flaws. Network segmentation should be implemented to isolate EV charging station management interfaces from general network access, limiting exposure to trusted administrative networks only. Employ strict firewall rules to restrict inbound traffic to the devices, allowing only authorized IP addresses and protocols. Continuous monitoring of network traffic and device logs for unusual commands or access attempts can help detect exploitation attempts early. Additionally, organizations should review and harden device configurations, disable unnecessary services, and ensure strong authentication mechanisms are in place for management interfaces. Regular vulnerability assessments and penetration testing focused on EV infrastructure can help identify residual risks. Finally, maintain up-to-date incident response plans tailored to EV infrastructure compromise scenarios.