CVE-2025-52665 – “Ubiquiti UniFi Access Unauthenticated API Exposure”

CVE ID : CVE-2025-52665

Published : Oct. 31, 2025, 12:15 a.m. | 1 hour, 11 minutes ago

Description : A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later. 

Affected Products:
UniFi Access Application (Version 3.3.22 through 3.4.31). 


Mitigation:
Update your UniFi Access Application to Version 4.0.21 or later.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more…