Vulnerability Details CVE-2024-52330
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 22.6%
CVSS Severity
CVSS v3 Score 7.4
References
Products affected by CVE-2024-52330
-
cpe:2.3:h:ecovacs:deebot_t10:-
-
cpe:2.3:h:ecovacs:deebot_t10_omni:-
-
cpe:2.3:h:ecovacs:deebot_t10_plus:-
-
cpe:2.3:h:ecovacs:deebot_t10_turbo:-
-
cpe:2.3:h:ecovacs:deebot_x1:-
-
cpe:2.3:h:ecovacs:deebot_x1_omni:-
-
cpe:2.3:h:ecovacs:deebot_x1_plus:-
-
cpe:2.3:h:ecovacs:deebot_x1_pro_omni:-
-
cpe:2.3:h:ecovacs:deebot_x1_turbo:-
-
cpe:2.3:h:ecovacs:deebot_x1e_omni:-
-
cpe:2.3:h:ecovacs:deebot_x1s_pro:-
-
cpe:2.3:h:ecovacs:deebot_x1s_pro_plus:-
-
cpe:2.3:h:ecovacs:deebot_x2_combo:-
-
cpe:2.3:h:ecovacs:deebot_x2_omni:-
-
cpe:2.3:h:ecovacs:deebot_x2_pro:-
-
cpe:2.3:h:ecovacs:deebot_x2s:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro_plus:-
-
cpe:2.3:h:ecovacs:deebot_x5_pro_ultra:-
-
cpe:2.3:h:ecovacs:mate_x:-
-
cpe:2.3:o:ecovacs:deebot_t10_firmware:-
-
cpe:2.3:o:ecovacs:deebot_t10_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_t10_plus_firmware:*
-
cpe:2.3:o:ecovacs:deebot_t10_turbo_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1_firmware:-
-
cpe:2.3:o:ecovacs:deebot_x1_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1_plus_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1_pro_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1_turbo_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1e_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x1s_pro_firmware:2.4.45
-
cpe:2.3:o:ecovacs:deebot_x1s_pro_plus_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2_combo_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2_omni_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2_pro_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x2s_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_plus_firmware:*
-
cpe:2.3:o:ecovacs:deebot_x5_pro_ultra_firmware:*
-
cpe:2.3:o:ecovacs:mate_x_firmware:*