Ecovacs: >> Deebot X5 Pro Firmware Security Vulnerabilities
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
CVSS Score
7.4
EPSS Score
0.001
Published
2025-01-23
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
CVSS Score
9.6
EPSS Score
0.023
Published
2025-01-23