Vulnerability Details CVE-2024-12079
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. An attacker can steal a lawnmower, read the PIN, and reset the anti-theft mechanism.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 1.1%
CVSS Severity
CVSS v3 Score 3.3
Products affected by CVE-2024-12079
-
cpe:2.3:h:ecovacs:airbot_andy:-
-
cpe:2.3:h:ecovacs:airbot_ava:-
-
cpe:2.3:h:ecovacs:airbot_z1:-
-
cpe:2.3:h:ecovacs:deebot_900:-
-
cpe:2.3:h:ecovacs:deebot_n10:-
-
cpe:2.3:h:ecovacs:deebot_n8:-
-
cpe:2.3:h:ecovacs:deebot_n9:-
-
cpe:2.3:h:ecovacs:deebot_t10:-
-
cpe:2.3:h:ecovacs:deebot_t20:-
-
cpe:2.3:h:ecovacs:deebot_t8:-
-
cpe:2.3:h:ecovacs:deebot_t9:-
-
cpe:2.3:h:ecovacs:deebot_x1:-
-
cpe:2.3:h:ecovacs:deebot_x2:-
-
cpe:2.3:h:ecovacs:goat_g1:-
-
cpe:2.3:o:ecovacs:airbot_andy_firmware:-
-
cpe:2.3:o:ecovacs:airbot_ava_firmware:-
-
cpe:2.3:o:ecovacs:airbot_z1_firmware:-
-
cpe:2.3:o:ecovacs:deebot_900_firmware:-
-
cpe:2.3:o:ecovacs:deebot_n10_firmware:-
-
cpe:2.3:o:ecovacs:deebot_n8_firmware:-
-
cpe:2.3:o:ecovacs:deebot_n9_firmware:-
-
cpe:2.3:o:ecovacs:deebot_t10_firmware:-
-
cpe:2.3:o:ecovacs:deebot_t20_firmware:-
-
cpe:2.3:o:ecovacs:deebot_t8_firmware:-
-
cpe:2.3:o:ecovacs:deebot_t9_firmware:-
-
cpe:2.3:o:ecovacs:deebot_x1_firmware:-
-
cpe:2.3:o:ecovacs:deebot_x2_firmware:-
-
cpe:2.3:o:ecovacs:goat_g1_firmware:-