Unrated severityNVD Advisory· Published Oct 30, 2025· Updated Oct 31, 2025

CVE-2025-52665

Description

A malicious actor with access to the management network could exploit a misconfiguration in UniFi’s door access application, UniFi Access, that exposed a management API without proper authentication. This vulnerability was introduced in Version 3.3.22 and was fixed in Version 4.0.21 and later.

Affected Products: UniFi Access Application (Version 3.3.22 through 3.4.31).

Mitigation: Update your UniFi Access Application to Version 4.0.21 or later.

Affected products

Ubiquiti Inc/UniFi Access Applicationv5
Range: 3.3.22

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

community.ui.com/releases/Security-Advisory-Bulletin-056/ce97352d-91cd-40a7-a2f4-2c73b3b30191mitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.019
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000