CVE-2025-52665 is a critical security vulnerability identified in Ubiquiti Inc's UniFi Access Application, specifically affecting versions 3.3.22 through 3.4.31. The root cause is a misconfiguration that exposes a management API without proper authentication controls, categorized under CWE-306 (Missing Authentication for Critical Function). This flaw allows any malicious actor with access to the management network to interact with the API without credentials, enabling full compromise of the door access management system. The vulnerability impacts confidentiality by potentially exposing sensitive access control data, integrity by allowing unauthorized changes to access permissions or configurations, and availability by enabling denial of service or lockout scenarios. The CVSS v3.1 base score is 10.0, reflecting the highest severity, with attack vector Network (AV:N), low attack complexity (AC:L), no privileges required (PR:N), no user interaction (UI:N), and scope changed (S:C), indicating that exploitation can affect resources beyond the initially vulnerable component. The vulnerability was introduced in version 3.3.22 and fixed in version 4.0.21 and later. Although no exploits are currently known in the wild, the ease of exploitation and critical impact make it a significant threat. The affected product is widely used for physical access control in enterprise and critical infrastructure environments, making the vulnerability particularly dangerous if exploited.

For European organizations, the impact of CVE-2025-52665 is substantial. UniFi Access Application is commonly deployed in corporate offices, government buildings, and critical infrastructure facilities to manage physical access controls. Exploitation could lead to unauthorized physical access, data breaches, sabotage, or disruption of essential services. Confidentiality breaches could expose sensitive personnel and access logs, while integrity violations could allow attackers to alter access permissions or disable security controls. Availability impacts could result in denial of access for legitimate users or lockouts, potentially disrupting business operations or emergency responses. Given the vulnerability requires only network access without authentication, any compromise or lateral movement within the management network could lead to full system takeover. This risk is amplified in environments with insufficient network segmentation or weak internal security controls. The critical nature of physical access systems means that exploitation could have cascading effects on organizational security and safety.

To mitigate this vulnerability, European organizations should immediately upgrade their UniFi Access Application to version 4.0.21 or later, where the authentication issue has been resolved. Network segmentation should be enforced to restrict access to the management network only to authorized personnel and systems, minimizing exposure. Implement strict access controls and monitoring on the management network to detect unauthorized access attempts. Regularly audit configurations to ensure no management APIs are exposed without authentication. Employ network intrusion detection/prevention systems (IDS/IPS) to identify anomalous API usage patterns. Additionally, organizations should review and update incident response plans to address potential physical security breaches stemming from this vulnerability. Where immediate patching is not feasible, consider temporarily disabling remote management features or isolating the affected systems until updates can be applied.