CVE-2025-27214: Vulnerability in Ubiquiti Inc UniFi Connect EV Station Pro
A Missing Authentication for Critical Function vulnerability in the UniFi Connect EV Station Pro may allow a malicious actor with physical or adjacent access to perform an unauthorized factory reset.
Affected Products: UniFi Connect EV Station Pro (Version 1.5.18 and earlier)
Mitigation: Update UniFi Connect EV Station Pro to Version 1.5.27 or later
AI Analysis
Technical Summary
CVE-2025-27214 is a critical vulnerability identified in the Ubiquiti Inc UniFi Connect EV Station Pro, specifically affecting versions 1.5.18 and earlier. The vulnerability is classified as a Missing Authentication for Critical Function (CWE-306), meaning that a critical function, in this case the factory reset capability, can be executed without any authentication check. This flaw allows a malicious actor with physical or adjacent network access to the device to perform an unauthorized factory reset. The vulnerability has a CVSS v3.1 base score of 9.8, indicating a critical severity level. The CVSS vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H) shows that the attack can be performed remotely over the network (AV:N) with low attack complexity (AC:L), requires no privileges (PR:N) or user interaction (UI:N), and impacts confidentiality, integrity, and availability to a high degree (C:H/I:H/A:H). The scope remains unchanged (S:U). Note that the vendor description scopes the attacker to physical or adjacent access, whereas this vector records AV:N; defenders should plan for at least the adjacent-access case. The factory reset function, when triggered without authentication, can erase all configuration and disrupt the normal operation of the EV charging station, leading to denial of service and loss of control over the device. This vulnerability is particularly concerning because it requires neither authentication nor user interaction, making exploitation straightforward for anyone with network or physical proximity. The vendor has released a patch in version 1.5.27 to address this issue, and updating to this or a later version is strongly recommended. No known exploits are currently reported in the wild, but the critical nature of the flaw suggests that exploitation attempts could emerge rapidly.
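To make the CWE-306 pattern concrete, the following added example (hypothetical code, not Ubiquiti's firmware or anything from the advisory) shows a factory-reset handler with the missing authentication check beside a hardened version that denies by default, requires an authenticated admin session, and records who triggered the reset. The `Session` and `Device` types are constructed for illustration.

```python
"""Illustration of CWE-306 on a factory-reset handler (hypothetical, not vendor code)."""
from dataclasses import dataclass, field
from typing import Optional


@dataclass
class Session:
    user: str
    authenticated: bool
    role: str


@dataclass
class Device:
    # Constructed sample configuration; a real charger holds far more state.
    config: dict = field(default_factory=lambda: {"ssid": "site-charger", "csms": "wss://csms.example"})
    audit: list = field(default_factory=list)

    def _do_factory_reset(self) -> None:
        self.config.clear()


def vulnerable_factory_reset(device: Device, session: Optional[Session]) -> str:
    # CWE-306: the caller's identity is never examined, so any reachable
    # client (or anyone with adjacent access) wipes the configuration.
    device._do_factory_reset()
    return "reset"


def hardened_factory_reset(device: Device, session: Optional[Session]) -> str:
    # Deny by default: an authenticated session with the admin role is required,
    # and every decision is written to the audit trail for later review.
    if session is None or not session.authenticated:
        device.audit.append("denied: unauthenticated factory_reset")
        return "denied"
    if session.role != "admin":
        device.audit.append(f"denied: {session.user} lacks admin role")
        return "denied"
    device.audit.append(f"factory_reset by {session.user}")
    device._do_factory_reset()
    return "reset"
```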
Potential Impact
For European organizations, especially those involved in electric vehicle infrastructure, this vulnerability poses a significant risk. The UniFi Connect EV Station Pro is used to manage EV charging stations, which are critical components of sustainable transport infrastructure. Successful exploitation could lead to unauthorized resets, causing service disruptions and potential denial of service at charging stations. This could impact public and private charging networks, leading to operational downtime, loss of revenue, and reputational damage. Additionally, the loss of device configuration could expose organizations to further security risks if devices are reset to insecure default states. Given the increasing adoption of EV infrastructure across Europe, such disruptions could affect urban centers, transport hubs, and commercial facilities. The vulnerability also raises concerns about physical safety and reliability of EV charging services, which are becoming essential for the transition to green energy. The lack of authentication requirement lowers the barrier for attackers, increasing the likelihood of exploitation in environments where physical or adjacent network access is possible, such as public or semi-public charging stations.
Mitigation Recommendations
Organizations should immediately verify the firmware version of their UniFi Connect EV Station Pro devices and upgrade to version 1.5.27 or later, where the vulnerability is patched. Beyond patching, it is critical to restrict physical and network access to these devices. This includes deploying network segmentation to isolate EV charging station management interfaces from public or less secure networks. Implementing strong access control policies and monitoring network traffic for unusual reset commands can help detect and prevent exploitation attempts. Physical security controls should be enhanced to prevent unauthorized personnel from gaining adjacent access to the devices. Additionally, organizations should audit device configurations regularly to ensure no unauthorized resets have occurred and maintain backups of device configurations to enable rapid recovery. Incorporating anomaly detection systems that alert on unexpected device resets or configuration changes can provide early warning of exploitation attempts. Finally, coordinating with Ubiquiti support and subscribing to security advisories will ensure timely awareness of any emerging threats or additional patches.
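The two checks recommended above, verifying firmware versions against the fixed release and alerting on resets with no authenticated actor, as an added example (not vendor tooling). The inventory and log lines are constructed, and the log field layout is an assumption; versions below 1.5.27 are treated conservatively as needing the update.

```python
"""Fleet triage for CVE-2025-27214 (added example; inventory and log format are constructed)."""
from typing import Dict, List, Tuple

FIXED_VERSION = (1, 5, 27)  # fixed release named in the vendor advisory


def parse_version(v: str) -> Tuple[int, ...]:
    # "1.5.18" -> (1, 5, 18); non-numeric suffixes in a component are ignored.
    parts = []
    for p in v.strip().split("."):
        digits = "".join(ch for ch in p if ch.isdigit())
        parts.append(int(digits) if digits else 0)
    return tuple(parts)


def is_vulnerable(version: str) -> bool:
    # Advisory: 1.5.18 and earlier affected, 1.5.27 fixed; anything below the
    # fix is flagged so that unlisted intermediate builds are not assumed safe.
    return parse_version(version) < FIXED_VERSION


def triage_inventory(inventory: Dict[str, str]) -> List[str]:
    # Returns device names still needing the 1.5.27 update.
    return sorted(name for name, ver in inventory.items() if is_vulnerable(ver))


def suspicious_resets(log_lines: List[str]) -> List[str]:
    # Assumed format: "<ts> <device> event=<name> actor=<user|none> src=<ip>".
    # A factory_reset with no authenticated actor is the signature to alert on.
    hits = []
    for line in log_lines:
        fields = dict(kv.split("=", 1) for kv in line.split()[2:])
        if fields.get("event") == "factory_reset" and fields.get("actor", "none") == "none":
            hits.append(line)
    return hits


# Constructed sample data.
INVENTORY = {"ev-garage-01": "1.5.18", "ev-lot-02": "1.5.27", "ev-hub-03": "1.5.30", "ev-old-04": "1.4.9"}
LOGS = [
    "2025-08-21T00:10:01Z ev-garage-01 event=factory_reset actor=none src=10.20.0.55",
    "2025-08-21T00:11:09Z ev-lot-02 event=factory_reset actor=admin src=10.20.0.2",
    "2025-08-21T00:12:44Z ev-hub-03 event=config_change actor=admin src=10.20.0.2",
]

if __name__ == "__main__":
    print("needs update:", triage_inventory(INVENTORY))
    print("unauthenticated resets:", suspicious_resets(LOGS))
```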
Affected Countries
Germany, France, United Kingdom, Netherlands, Norway, Sweden, Denmark, Belgium, Italy, Spain
Technical Details
- Data Version: 5.1
- Assigner Short Name: hackerone
- Date Reserved: 2025-02-20T01:00:01.799Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 68a6693fad5a09ad0009f905
Added to database: 8/21/2025, 12:33:03 AM
Last enriched: 8/28/2025, 1:27:44 AM
Last updated: 9/2/2025, 10:18:34 AM