CVE-2025-24285

Ubiquiti · UniFi Connect EV Station Lite

Improper input validation in the UniFi Connect EV Station Lite allows for command injection by remote attackers with network access to the device.

Executive summary

A critical command injection vulnerability in the Ubiquiti UniFi Connect EV Station Lite allows remote attackers to execute arbitrary commands, posing a severe risk of system compromise.

Vulnerability

The vulnerability stems from multiple improper input validation flaws that allow an attacker with network access to perform command injection. This bypasses security controls and potentially grants the attacker control over the underlying operating system.

Business impact

With a CVSS score of 9.8, this vulnerability represents a critical risk of full system compromise, including unauthorized data access or the use of the device as a pivot point in the network. Such an exploit could lead to significant reputational damage, service outages, and the potential for lateral movement within the corporate network.

Remediation

Immediate Action: Update the UniFi Connect EV Station Lite firmware to the latest version immediately to patch the input validation flaws.

Proactive Monitoring: Review system and network logs for evidence of command execution attempts or anomalous traffic patterns originating from or directed toward the charging station.

Compensating Controls: Implement strict network segmentation and utilize a Web Application Firewall (WAF) or Intrusion Detection System (IDS) to inspect and block malicious input strings targeting the device.

Exploitation status

Public Exploit Available: Unknown

Analyst recommendation

Given the critical nature of command injection vulnerabilities, it is imperative to apply vendor-supplied patches immediately. Organizations must ensure that these devices are not exposed to untrusted networks until the remediation is verified.