
CVE-2025-24285: Vulnerability in Ubiquiti Inc UniFi Connect EV Station Lite

Severity: Critical
Published: Thu Aug 21 2025 (08/21/2025, 00:01:24 UTC)
Source: CVE Database V5
Vendor/Project: Ubiquiti Inc
Product: UniFi Connect EV Station Lite

Description

Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a Command Injection by a malicious actor with network access to the UniFi Connect EV Station Lite.

Affected Products: UniFi Connect EV Station Lite (Version 1.5.1 and earlier)

Mitigation: Update UniFi Connect EV Station Lite to Version 1.5.2 or later

AI-Powered Analysis

Last updated: 08/28/2025, 01:24:47 UTC

Technical Analysis

CVE-2025-24285 is a critical vulnerability identified in the UniFi Connect EV Station Lite product by Ubiquiti Inc, specifically affecting versions 1.5.1 and earlier. The vulnerability arises from multiple improper input validation issues that allow an unauthenticated attacker with network access to the device to perform command injection attacks. Command injection (CWE-77) vulnerabilities enable attackers to execute arbitrary commands on the underlying operating system, potentially leading to full system compromise. The vulnerability has a CVSS v3.1 base score of 9.8, indicating critical severity, with attack vector as network (AV:N), no privileges required (PR:N), no user interaction needed (UI:N), and high impact on confidentiality, integrity, and availability (C:H/I:H/A:H). This means an attacker can remotely exploit the vulnerability without authentication or user interaction, leading to complete control over the affected device. The UniFi Connect EV Station Lite is a network-connected electric vehicle charging station controller, which implies that exploitation could impact the operational integrity of EV charging infrastructure. Although no known exploits are currently reported in the wild, the high severity and ease of exploitation make this a significant threat. The vendor has released version 1.5.2 to address this issue, and upgrading to this or later versions is the primary mitigation.

Potential Impact

For European organizations, the impact of this vulnerability is substantial, particularly for entities involved in electric vehicle infrastructure, such as charging station operators, energy providers, and smart city projects. Exploitation could lead to unauthorized control over EV charging stations, resulting in service disruption, denial of charging services, or manipulation of charging parameters. This could cause operational downtime, financial losses, and reputational damage. Additionally, compromised EV stations could be leveraged as entry points into broader corporate or municipal networks, facilitating lateral movement and further attacks. Given the increasing adoption of EV infrastructure in Europe, especially in countries with aggressive green energy policies, the risk extends to critical infrastructure sectors. The confidentiality breach could expose sensitive operational data, while integrity and availability impacts could disrupt essential services. The lack of required authentication and user interaction increases the risk of automated or widespread exploitation attempts.

Mitigation Recommendations

European organizations should immediately verify the version of UniFi Connect EV Station Lite devices in their environment and prioritize upgrading all affected units to version 1.5.2 or later. Network segmentation should be enforced to isolate EV charging infrastructure from critical internal networks, limiting exposure to potential attackers. Implement strict access controls and monitoring on network segments hosting these devices to detect anomalous activities indicative of exploitation attempts. Employ intrusion detection/prevention systems (IDS/IPS) with signatures or heuristics tuned for command injection patterns. Regularly audit device configurations and logs for signs of compromise. Additionally, organizations should engage with Ubiquiti support channels for any further security advisories or patches. Where possible, disable unnecessary network services on the devices to reduce the attack surface. Finally, incorporate this vulnerability into incident response planning to ensure rapid containment if exploitation is detected.


Technical Details

Data Version: 5.1
Assigner Short Name: hackerone
Date Reserved: 2025-01-17T01:00:07.457Z
Cvss Version: null
State: PUBLISHED

Threat ID: 68a6693fad5a09ad0009f8ff

Added to database: 8/21/2025, 12:33:03 AM

Last enriched: 8/28/2025, 1:24:47 AM

Last updated: 9/3/2025, 1:46:50 AM
