Vulnerability-Lookup - Search a vulnerability

Search criteria

Vendor

Product

Assigner

Sources

Sort by

Order

FKIE_CVE-2024-52325

Vulnerability from fkie_nvd - Published: 2025-01-23 16:15 - Updated: 2025-09-23 17:35

Severity ?

9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

Summary

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

References

URL	Tags
9119a7d8-5eab-497f-8521-727c672e3725	https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf	Exploit, Third Party Advisory
9119a7d8-5eab-497f-8521-727c672e3725	https://www.ecovacs.com/global/userhelp/dsa20241119	Vendor Advisory
9119a7d8-5eab-497f-8521-727c672e3725	https://www.ecovacs.com/global/userhelp/dsa20241130001	Vendor Advisory
9119a7d8-5eab-497f-8521-727c672e3725	https://youtu.be/_wUsM0Mlenc?t=2041	Exploit

Impacted products

Vendor	Product	Version
ecovacs	goat_g1-2000_firmware	*
ecovacs	goat_g1-2000	-
ecovacs	goat_g1_firmware	*
ecovacs	goat_g1	-
ecovacs	goat_g1-800_firmware	*
ecovacs	goat_g1-800	-
ecovacs	gx-600_firmware	*
ecovacs	gx-600	-
ecovacs	deebot_x2_omni_firmware	*
ecovacs	deebot_x2_omni	-
ecovacs	deebot_x2_combo_firmware	*
ecovacs	deebot_x2_combo	-
ecovacs	deebot_x2s_firmware	*
ecovacs	deebot_x2s	-
ecovacs	deebot_x5_pro_firmware	*
ecovacs	deebot_x5_pro	-
ecovacs	deebot_x5_pro_plus_firmware	*
ecovacs	deebot_x5_pro_plus	-
ecovacs	deebot_x5_pro_ultra_firmware	*
ecovacs	deebot_x5_pro_ultra	-
ecovacs	deebot_t30_omni_firmware	*
ecovacs	deebot_t30_omni	-
ecovacs	deebot_t30s_firmware	*
ecovacs	deebot_t30s	-

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:goat_g1-2000_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "7B5B36B7-4C8D-4E8D-8B51-1628F3330D1C",
              "versionEndExcluding": "1.36.187",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:goat_g1-2000:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "61AB63A0-18C2-4B8B-8315-C5CA598FCAE5",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:goat_g1_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DC51551A-F434-4D50-A700-8A65C41BD5B1",
              "versionEndExcluding": "1.36.187",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:goat_g1:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "75B2D398-870D-408F-817D-FDEE8C93D683",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:goat_g1-800_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "EC6F6F05-7D54-4C27-8785-1FB67D826C35",
              "versionEndExcluding": "1.36.187",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:goat_g1-800:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE264ABA-5F6A-43D4-85DC-6D480D3AE9A3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:gx-600_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "ECDACFD6-592A-4AA0-9943-64AA8D12E3EE",
              "versionEndExcluding": "1.2.120",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:gx-600:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "DE0918D2-0708-464F-B983-E57B523E33A0",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x2_omni_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DFBAD9FC-1343-4D07-99E6-9E7C3D77C694",
              "versionEndExcluding": "1.76.6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x2_omni:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BD94283-0BC1-4C7C-A5F3-9D57E44B4C64",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x2_combo_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "DAF98AFD-C399-4AB8-A637-29561F39F134",
              "versionEndExcluding": "1.81.10",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x2_combo:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C12633C-1BD2-4BF6-BF11-FC05221B93EB",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x2s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "969D4A03-B499-4218-BF07-22E51654AA6C",
              "versionEndExcluding": "1.49.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x2s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "11AA1D51-EE29-4252-A739-1F1D4A3F428D",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B819C9B-F143-4A63-825C-B1DF1DCB16B7",
              "versionEndExcluding": "1.70.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "64AB781B-CB28-4229-A74D-8CDD325EFAC3",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_plus_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0F61F40B-6031-4C32-9571-B92C3377EFB2",
              "versionEndExcluding": "1.38.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro_plus:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "CFE49BE7-59E8-4447-B78B-4FEDF4F773CD",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_ultra_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "9C4821F3-3B7D-4035-980F-C11713C5D424",
              "versionEndExcluding": "1.17.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro_ultra:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "8504979A-A4F0-4A03-8816-E9AB3BD6F40B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_t30_omni_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "E405CE55-CDCC-4867-A0CC-84F8ACE56FD7",
              "versionEndExcluding": "1.93.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_t30_omni:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "5B4D1A83-F00F-4F66-88DF-67C9FD036016",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:ecovacs:deebot_t30s_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A78434E-A69A-44CB-9B2C-239C060A8789",
              "versionEndExcluding": "1.95.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:ecovacs:deebot_t30s:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "EAC6EDB9-24EE-4113-B3D6-90CA18590BA9",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection."
    },
    {
      "lang": "es",
      "value": "Los robots cortac\u00e9sped y aspiradores ECOVACS son vulnerables a la inyecci\u00f3n de comandos a trav\u00e9s de SetNetPin() en una conexi\u00f3n BLE no autenticada."
    }
  ],
  "id": "CVE-2024-52325",
  "lastModified": "2025-09-23T17:35:35.463",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "ADJACENT_NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.6,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 6.0,
        "source": "9119a7d8-5eab-497f-8521-727c672e3725",
        "type": "Secondary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "PRESENT",
          "attackVector": "ADJACENT",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 5.8,
          "baseSeverity": "MEDIUM",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "NONE",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "NONE",
          "vulnConfidentialityImpact": "NONE",
          "vulnIntegrityImpact": "NONE",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "9119a7d8-5eab-497f-8521-727c672e3725",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-01-23T16:15:35.943",
  "references": [
    {
      "source": "9119a7d8-5eab-497f-8521-727c672e3725",
      "tags": [
        "Exploit",
        "Third Party Advisory"
      ],
      "url": "https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf"
    },
    {
      "source": "9119a7d8-5eab-497f-8521-727c672e3725",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ecovacs.com/global/userhelp/dsa20241119"
    },
    {
      "source": "9119a7d8-5eab-497f-8521-727c672e3725",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "https://www.ecovacs.com/global/userhelp/dsa20241130001"
    },
    {
      "source": "9119a7d8-5eab-497f-8521-727c672e3725",
      "tags": [
        "Exploit"
      ],
      "url": "https://youtu.be/_wUsM0Mlenc?t=2041"
    }
  ],
  "sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-77"
        }
      ],
      "source": "9119a7d8-5eab-497f-8521-727c672e3725",
      "type": "Secondary"
    }
  ]
}

CVE-2024-52325 (GCVE-0-2024-52325)

Vulnerability from cvelistv5 – Published: 2025-01-23 15:56 – Updated: 2025-02-12 20:41

Summary

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

Severity ?

5.8 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

9.6 (Critical)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

cisa-cg

References

URL

Tags

	https://dontvacuum.me/talks/DEFCON32/DEFCON32_rev…
	https://youtu.be/_wUsM0Mlenc?t=2041
	https://www.ecovacs.com/global/userhelp/dsa20241130001
	https://www.ecovacs.com/global/userhelp/dsa20241119

Impacted products

Vendor

Product

Version

ECOVACS

GOAT G1

Affected: 0 , < 1.36.187 (custom)
Unaffected: 1.36.187

ECOVACS	GOAT G1-800	Affected: 0 , < 1.36.187 (custom) Unaffected: 1.36.187
ECOVACS	DEEBOT X2S	Affected: 0 , < 1.49.0 (custom) Unaffected: 1.49.0
ECOVACS	DEEBOT X5 PRO	Affected: 0 , < 1.70.0 (custom) Unaffected: 1.70.0
ECOVACS	DEEBOT X5 PRO PLUS	Affected: 0 , < 1.38.0 (custom) Unaffected: 1.38.0
ECOVACS	DEEBOT T30 OMNI	Affected: 0 , < 1.93.0 (custom) Unaffected: 1.93.0
ECOVACS	DEEBOT T30S	Affected: 0 , < 1.95.0 (custom) Unaffected: 1.95.0
ECOVACS	GOAT G1-2000	Affected: 0 , < 1.36.187 (custom) Unaffected: 1.36.187
ECOVACS	GOAT GX-600	Affected: 0 , < 1.2.120 (custom) Unaffected: 1.2.120
ECOVACS	DEEBOT X2 OMNI	Affected: 0 , < 1.76.6 (custom) Unaffected: 1.76.6
ECOVACS	DEEBOT X2 COMBO	Affected: 0 , < 1.81.10 (custom) Unaffected: 1.81.10
ECOVACS	DEEBOT X5 PRO ULTRA	Affected: 0 , < 1.17.0 (custom) Unaffected: 1.17.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52325",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-23T16:11:52.931430Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T20:41:26.651Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1-800",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2S",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.49.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.49.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.70.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.70.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO PLUS",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.38.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.38.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT T30 OMNI",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.93.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.93.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT T30S",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.95.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.95.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1-2000",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT GX-600",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.2.120",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.2.120"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2  OMNI",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.76.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.76.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2 COMBO",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.81.10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.81.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO ULTRA",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.17.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.17.0"
            }
          ]
        }
      ],
      "datePublic": "2024-08-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-24T15:04:12.565Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "name": "url",
          "url": "https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf"
        },
        {
          "name": "url",
          "url": "https://youtu.be/_wUsM0Mlenc?t=2041"
        },
        {
          "name": "url",
          "url": "https://www.ecovacs.com/global/userhelp/dsa20241130001"
        },
        {
          "name": "url",
          "url": "https://www.ecovacs.com/global/userhelp/dsa20241119"
        }
      ],
      "title": "ECOVACS robot lawnmowers and vacuums command injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2024-52325",
    "datePublished": "2025-01-23T15:56:30.185Z",
    "dateReserved": "2024-11-08T01:06:02.404Z",
    "dateUpdated": "2025-02-12T20:41:26.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

CVE-2024-52325 (GCVE-0-2024-52325)

Vulnerability from nvd – Published: 2025-01-23 15:56 – Updated: 2025-02-12 20:41

Summary

ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

Severity ?

5.8 (Medium)


                        
                          CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H

9.6 (Critical)


                        
                          CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H

CWE

CWE-77 - Improper Neutralization of Special Elements used in a Command ('Command Injection')

Assigner

cisa-cg

References

URL

Tags

	https://dontvacuum.me/talks/DEFCON32/DEFCON32_rev…
	https://youtu.be/_wUsM0Mlenc?t=2041
	https://www.ecovacs.com/global/userhelp/dsa20241130001
	https://www.ecovacs.com/global/userhelp/dsa20241119

Impacted products

Vendor

Product

Version

ECOVACS

GOAT G1

Affected: 0 , < 1.36.187 (custom)
Unaffected: 1.36.187

ECOVACS	GOAT G1-800	Affected: 0 , < 1.36.187 (custom) Unaffected: 1.36.187
ECOVACS	DEEBOT X2S	Affected: 0 , < 1.49.0 (custom) Unaffected: 1.49.0
ECOVACS	DEEBOT X5 PRO	Affected: 0 , < 1.70.0 (custom) Unaffected: 1.70.0
ECOVACS	DEEBOT X5 PRO PLUS	Affected: 0 , < 1.38.0 (custom) Unaffected: 1.38.0
ECOVACS	DEEBOT T30 OMNI	Affected: 0 , < 1.93.0 (custom) Unaffected: 1.93.0
ECOVACS	DEEBOT T30S	Affected: 0 , < 1.95.0 (custom) Unaffected: 1.95.0
ECOVACS	GOAT G1-2000	Affected: 0 , < 1.36.187 (custom) Unaffected: 1.36.187
ECOVACS	GOAT GX-600	Affected: 0 , < 1.2.120 (custom) Unaffected: 1.2.120
ECOVACS	DEEBOT X2 OMNI	Affected: 0 , < 1.76.6 (custom) Unaffected: 1.76.6
ECOVACS	DEEBOT X2 COMBO	Affected: 0 , < 1.81.10 (custom) Unaffected: 1.81.10
ECOVACS	DEEBOT X5 PRO ULTRA	Affected: 0 , < 1.17.0 (custom) Unaffected: 1.17.0

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2024-52325",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-01-23T16:11:52.931430Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-02-12T20:41:26.651Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1-800",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2S",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.49.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.49.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.70.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.70.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO PLUS",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.38.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.38.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT T30 OMNI",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.93.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.93.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT T30S",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.95.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.95.0"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT G1-2000",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.36.187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.36.187"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "GOAT GX-600",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.2.120",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.2.120"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2  OMNI",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.76.6",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.76.6"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X2 COMBO",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.81.10",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.81.10"
            }
          ]
        },
        {
          "defaultStatus": "unknown",
          "product": "DEEBOT X5 PRO ULTRA",
          "vendor": "ECOVACS",
          "versions": [
            {
              "lessThan": "1.17.0",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "1.17.0"
            }
          ]
        }
      ],
      "datePublic": "2024-08-11T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 5.8,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
            "version": "4.0"
          },
          "format": "CVSS"
        },
        {
          "cvssV3_1": {
            "baseScore": 9.6,
            "baseSeverity": "CRITICAL",
            "vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
            "version": "3.1"
          },
          "format": "CVSS"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-77",
              "description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-01-24T15:04:12.565Z",
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg"
      },
      "references": [
        {
          "name": "url",
          "url": "https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf"
        },
        {
          "name": "url",
          "url": "https://youtu.be/_wUsM0Mlenc?t=2041"
        },
        {
          "name": "url",
          "url": "https://www.ecovacs.com/global/userhelp/dsa20241130001"
        },
        {
          "name": "url",
          "url": "https://www.ecovacs.com/global/userhelp/dsa20241119"
        }
      ],
      "title": "ECOVACS robot lawnmowers and vacuums command injection"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "cveId": "CVE-2024-52325",
    "datePublished": "2025-01-23T15:56:30.185Z",
    "dateReserved": "2024-11-08T01:06:02.404Z",
    "dateUpdated": "2025-02-12T20:41:26.651Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}

Search criteria

3 vulnerabilities found for gx-600_firmware by ecovacs

FKIE_CVE-2024-52325

CVE-2024-52325 (GCVE-0-2024-52325)

CVE-2024-52325 (GCVE-0-2024-52325)