Vulnerabilities in ECOVACS
13 resultsCVE-2024-52325MEDIUMECOVACS robot lawnmowers and vacuums command injectionEPSS 3.0%CVE-2024-52327MEDIUMECOVACS lawnmower and vacuum cloud service live video PIN bypassEPSS 0.5%CVE-2024-11147HIGHECOVACS lawnmowers and vacuums deterministic root passwordEPSS 0.4%CVE-2024-52329CRITICALECOVACS HOME mobile app plugins do not properly validate TLS certificatesEPSS 0.4%CVE-2024-52330CRITICALECOVACS lawnmowers and vacuums do not properly validate TLS certificatesEPSS 0.3%CVE-2024-12078MEDIUMECOVACS lawnmowers and vacuums static BLE GATT encryption keyEPSS 0.3%CVE-2025-30199HIGHECOVACS Vacuum and Base Station accept unsigned firmwareEPSS 0.3%CVE-2024-52328LOWECOVACS lawnmowers and vacuums insecurely store audio warning filesEPSS 0.2%CVE-2024-52331HIGHECOVACS lawnmowers and vacuums deterministic firmware encryption keyEPSS 0.2%CVE-2025-30198LOWECOVACS Vacuum and Base Station Hard-Coded WPA2-PSKEPSS 0.2%CVE-2025-2394MEDIUMDisclosure of Alibaba (OSS) Keys In Ecovacs Home Android and iOS Mobile ApplicationsEPSS 0.2%CVE-2024-12079MEDIUMECOVACS lawnmowers cleartext storage of anti-theft PINEPSS 0.1%CVE-2025-30200LOWECOVACS Vacuum and Base Station Hard-Coded AES EncryptionEPSS 0.1%