Ecovacs: Security Vulnerabilities
ECOVACS robot lawnmowers and vacuums use a deterministic root password generated based on model and serial number. An attacker with shell access can login as root.
CVSS Score
7.0
EPSS Score
0.004
Published
2025-01-23
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
CVSS Score
5.8
EPSS Score
0.029
Published
2025-01-23
Page 2