Week 44 – Open Sesame: UniFi Access Vulnerability Exposes Door Control Systems

27 Oct – 02 Nov 2025

A critical flaw has been found in the UniFi® Access application that leaves its management API exposed with no authentication required.

The UniFi® Access Application is part of Ubiquiti’s platform designed for modern, managed door access control. It is used in corporate and commercial environments to manage who can enter physical locations (offices, server rooms, etc.). It controls door readers, manages user credentials (like NFC cards or mobile access), logs entry and exit events, and integrates physical security with the organization’s network.

Our CVE of the Week, CVE-2025-52665, allows malicious actors on the management network to potentially take full control of door access systems. Impacts might include high risks to confidentiality (data leaks), integrity (tampered access), and availability (system disruptions), with potential for physical intrusions or ransomware integration. These consequences raise severe concerns for organizations: once the application is exploited, an intruder could unlock doors, disable controls, and manipulate access-system data, facilitating breaches into sensitive environments.

The vulnerability originates from a misconfiguration that was first observed in version 3.3.22 of the UniFi Access app. An attacker could send crafted requests to the API endpoints to modify access controls, unlock doors, or disrupt operation of the system if no compensating security measures are in place in the environment.

All versions from 3.3.22 to 3.4.31 are affected by this flaw. It can be exploited over the network with no privileges required, which elevates the risk of compromise when an attacker has already breached perimeter defences, or in the case of an insider threat.

As the primary mitigation, Ubiquiti recommends updating to version 4.0.21 or later as soon as possible. Until the update is completed, network configurations should be audited and unusual API activity should be monitored in the SIEM/SOAR system.
This vulnerability also shows that enterprise IoT devices require proper risk assessment and network segmentation: strict firewall rules and separate VLANs for specific networks enhance the organization's overall security posture.
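The two interim controls above (knowing which controllers sit in the affected version range, and watching the management API for traffic that breaks segmentation or succeeds without authentication) can both be scripted. The following is an added example written for this post; it is not code from the original article or from Ubiquiti. The inventory rows, the log line format, the 10.10.50.0/24 management VLAN and the "/api/" path prefix are all constructed placeholders; real UniFi Access endpoint paths and log formats are not given on the page.

```python
"""Added example, not code from the original post or from Ubiquiti.

Two defender-side checks for the situation the post describes:
  1. triage an asset inventory against the advised version range
     (affected 3.3.22 .. 3.4.31, fixed in 4.0.21 or later);
  2. scan controller access-log lines for management-API calls that break
     the segmentation/monitoring advice (requests from outside the management
     VLAN, or unauthenticated requests that succeeded).

Assumptions (constructed for this example, not taken from the page): the
inventory rows, the log line format, the 10.10.50.0/24 management VLAN and
the "/api/" path prefix.
"""
import ipaddress
import re
from typing import List, Tuple

# Version boundaries as stated on the page.
FIRST_AFFECTED = (3, 3, 22)
LAST_AFFECTED = (3, 4, 31)
FIXED = (4, 0, 21)


def parse_version(v: str) -> Tuple[int, ...]:
    """'3.4.31' -> (3, 4, 31). Tuples compare numerically, so 3.4.4 < 3.4.31;
    comparing the raw strings would get that backwards."""
    return tuple(int(part) for part in v.strip().split("."))


def is_affected(v: str) -> bool:
    """True if the version is inside the listed affected range."""
    return FIRST_AFFECTED <= parse_version(v) <= LAST_AFFECTED


def needs_update(v: str) -> bool:
    """True if the version is older than the recommended fix."""
    return parse_version(v) < FIXED


def verdict(v: str) -> str:
    if is_affected(v):
        return "affected"
    if needs_update(v):
        # Older than the fix but outside the listed range: confirm with the vendor.
        return "not-listed"
    return "fixed"


def triage_inventory(rows: List[Tuple[str, str]]) -> List[Tuple[str, str, str]]:
    """Return (host, version, verdict) for each (host, version) inventory row."""
    return [(host, ver, verdict(ver)) for host, ver in rows]


# Constructed log format: "<timestamp> <src_ip> <method> <path> <status> auth=<token|none>"
LOG_LINE = re.compile(
    r"^(?P<ts>\S+) (?P<src>\d+\.\d+\.\d+\.\d+) (?P<method>[A-Z]+) "
    r"(?P<path>\S+) (?P<status>\d{3}) auth=(?P<auth>\S+)$"
)
MGMT_NET = ipaddress.ip_network("10.10.50.0/24")  # constructed management VLAN
API_PREFIX = "/api/"  # constructed placeholder, not a real UniFi Access path


def suspicious_api_calls(lines, mgmt_net=MGMT_NET):
    """Flag management-API requests that violate segmentation or succeeded unauthenticated."""
    findings = []
    for line in lines:
        m = LOG_LINE.match(line)
        if not m or not m["path"].startswith(API_PREFIX):
            continue  # not a management-API request, or not in the expected format
        reasons = []
        if ipaddress.ip_address(m["src"]) not in mgmt_net:
            reasons.append("source outside management VLAN")
        if m["auth"] == "none" and m["status"] == "200":
            reasons.append("unauthenticated request succeeded")
        if reasons:
            findings.append((m["src"], m["method"], m["path"], "; ".join(reasons)))
    return findings


SAMPLE_INVENTORY = [  # constructed
    ("access-hq", "3.4.4"),
    ("access-dc1", "3.4.31"),
    ("access-lab", "4.0.21"),
    ("access-old", "3.3.10"),
]

SAMPLE_LOG = [  # constructed
    "2025-10-30T08:01:02Z 10.10.50.12 GET /api/doors 200 auth=token",
    "2025-10-30T08:03:10Z 10.10.50.12 POST /api/doors/lobby/unlock 200 auth=token",
    "2025-10-30T08:05:44Z 192.168.7.23 POST /api/doors/lobby/unlock 200 auth=none",
    "2025-10-30T08:06:01Z 10.10.50.40 GET /api/users 200 auth=none",
    "2025-10-30T08:07:15Z 192.168.7.23 GET /status 200 auth=none",
]

if __name__ == "__main__":
    for host, ver, v in triage_inventory(SAMPLE_INVENTORY):
        print(f"{host:12} {ver:8} {v}")
    for src, method, path, why in suspicious_api_calls(SAMPLE_LOG):
        print(f"ALERT {src} {method} {path}: {why}")
```

Two design points: versions are compared as integer tuples because a plain string comparison ranks 3.4.4 above 3.4.31 and would mislabel a vulnerable controller as patched; and the log check reports a reason per finding, so a SIEM rule built from it can alert differently on a segmentation violation (wrong source network) than on a successful unauthenticated call, which is the direct symptom of this flaw.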

Official Security Advisory by Ubiquiti:
https://community.ui.com/releases/Security-Advisory-Bulletin-056-056/ce97352d-91cd-40a7-a2f4-2c73b3b30191

Overview article:
https://cybersecuritynews.com/ubiquiti-unifi-door-access-app-vulnerability/


White Hat IT Security is a Europe-based Managed Security Services Provider (MSSP) and proud Microsoft Solution Partner. Its Microsoft-verified managed security solutions (MXDR) reflect its deep expertise and commitment to excellence in cybersecurity. The company was awarded the Partner of the Year Hungary Award by Microsoft in 2024.

With the largest incident response capacity in the CEE region, they’re trusted by organizations to deliver fast, effective, and proactive protection. Their portfolio includes penetration testing, vulnerability assessments, managed Cyber Threat Intelligence, as well as Governance, Risk and Compliance (GRC) consulting and specialized security training.

They are committed to supporting professional initiatives that aim to raise cybersecurity awareness and maturity—both for individuals and organizations. They regularly contribute to the community through knowledge sharing, education, and outreach, helping to