CVE-2024-52325

moderate-risk
Published 2025-01-23

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

Do I need to act?

EPSS: 0.63% chance of exploitation (low exploit probability)
CISA KEV: not listed; no confirmed active exploitation reported to CISA
Patch status: unknown; check vendor advisories for fix availability and mitigation guidance
CVSS: 9.6/10 Critical (attack vector ADJACENT_NETWORK, LOW attack complexity)

Affected Products (12)

Goat G1-2000 Firmware
Goat G1 Firmware
Goat G1-800 Firmware
Gx-600 Firmware
Deebot X2 Omni Firmware
Deebot X2 Combo Firmware
Deebot X2S Firmware
Deebot X5 Pro Firmware
Deebot X5 Pro Plus Firmware
Deebot X5 Pro Ultra Firmware
Deebot T30 Omni Firmware
Deebot T30S Firmware

Affected Vendors

ECOVACS

Risk score: 48 / 100 (moderate-risk)
Severity 29/34 · Critical
Exploitability 2/34 · Minimal
Exposure 17/34 · Moderate