Vulnerability Details CVE-2024-52325
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.074
EPSS Ranking 91.4%
CVSS Severity
CVSS v3 Score 9.6
References
Products affected by CVE-2024-52325
-
cpe:2.3:h:ecovacs:deebot_t30_omni:-
-
cpe:2.3:h:ecovacs:deebot_t30s:-
-
cpe:2.3:h:ecovacs:deebot_x2_combo:-
-
cpe:2.3:h:ecovacs:deebot_x2_omni:-
-
cpe:2.3:h:ecovacs:deebot_x2s:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro_plus:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro_ultra:-
-
cpe:2.3:h:ecovacs:goat_g1-2000:-
-
cpe:2.3:h:ecovacs:goat_g1-800:-
-
cpe:2.3:h:ecovacs:goat_g1:-
-
cpe:2.3:h:ecovacs:gx-600:-
-
cpe:2.3:o:ecovacs:deebot_t30_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_t30s_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2_combo_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2s_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_plus_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_ultra_firmware:*
-
cpe:2.3:o:ecovacs:goat_g1-2000_firmware:*
-
cpe:2.3:o:ecovacs:goat_g1-800_firmware:*
-
cpe:2.3:o:ecovacs:goat_g1_firmware:-
-
cpe:2.3:o:ecovacs:gx-600_firmware:*