Search criteria
5 vulnerabilities found for mate_x_firmware by ecovacs
FKIE_CVE-2024-52330
Vulnerability from fkie_nvd - Published: 2025-01-23 17:15 - Updated: 2025-09-23 17:48
Severity ?
Summary
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
References
| URL | Tags | ||
|---|---|---|---|
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf | Exploit, Third Party Advisory | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf | Exploit, Third Party Advisory | |
| 9119a7d8-5eab-497f-8521-727c672e3725 | https://www.ecovacs.com/global/userhelp/dsa20241217001 | Vendor Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x2_omni_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DFBAD9FC-1343-4D07-99E6-9E7C3D77C694",
"versionEndExcluding": "1.76.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x2_omni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "9BD94283-0BC1-4C7C-A5F3-9D57E44B4C64",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x2_combo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DAF98AFD-C399-4AB8-A637-29561F39F134",
"versionEndExcluding": "1.81.10",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x2_combo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C12633C-1BD2-4BF6-BF11-FC05221B93EB",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x2s_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "969D4A03-B499-4218-BF07-22E51654AA6C",
"versionEndExcluding": "1.49.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x2s:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11AA1D51-EE29-4252-A739-1F1D4A3F428D",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "5B819C9B-F143-4A63-825C-B1DF1DCB16B7",
"versionEndExcluding": "1.70.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "64AB781B-CB28-4229-A74D-8CDD325EFAC3",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F61F40B-6031-4C32-9571-B92C3377EFB2",
"versionEndExcluding": "1.38.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CFE49BE7-59E8-4447-B78B-4FEDF4F773CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x5_pro_ultra_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "9C4821F3-3B7D-4035-980F-C11713C5D424",
"versionEndExcluding": "1.17.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x5_pro_ultra:-:*:*:*:*:*:*:*",
"matchCriteriaId": "8504979A-A4F0-4A03-8816-E9AB3BD6F40B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:mate_x_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0C4EC5E7-04E3-497C-ACD9-2479C48A2FC4",
"versionEndExcluding": "1.44.18",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:mate_x:-:*:*:*:*:*:*:*",
"matchCriteriaId": "706F2C75-0E75-487B-BA24-EB824E6BC16B",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1_omni_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "8F75A470-5B86-41C6-86E2-232656AF68F9",
"versionEndExcluding": "2.4.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1_omni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "91E23E30-45BE-4142-8E9C-032282F3B6A6",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1_turbo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "0F868AC3-7B87-44E5-A7B0-F2C85DCA7E7C",
"versionEndExcluding": "2.4.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1_turbo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "65F69609-1D21-461A-9457-A745194759CD",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1_pro_omni_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "2B044584-55B4-4E88-99C9-9A48D9B4E908",
"versionEndExcluding": "2.4.41",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1_pro_omni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "003B54E0-B2FF-485A-9A55-925609EE8DF1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4AE87B2E-A1B1-438E-9482-E8466647050B",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA0B484-221F-4E67-927F-DBCBBC1F6448",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7DC2AA81-5895-43EE-8B34-D8074DDD301F",
"versionEndExcluding": "1.7.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C5586D60-D87F-45A1-8619-F6CC12AD9731",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1s_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "849A58E5-2700-49F4-BF60-C35E97689AE1",
"versionEndExcluding": "2.5.31",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1s_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "037628A9-DD54-4A4B-97A9-78142B76E91E",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1s_pro_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "7526B614-1962-490C-8972-2A275A471A86",
"versionEndExcluding": "1.23.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1s_pro_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "4612A790-C3CC-40AA-8E31-2C2918C6AB6C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x1e_omni_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "67C721A5-53B6-4B15-A76C-481EF4C45147",
"versionEndExcluding": "2.4.42",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x1e_omni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "16705AA3-4CAE-4BF5-8084-6A6CB30A1E8C",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_t10_turbo_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "454C233D-82D5-4B99-AC3A-94B1CF23F078",
"versionEndExcluding": "1.10.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_t10_turbo:-:*:*:*:*:*:*:*",
"matchCriteriaId": "85DEFE0B-99F7-49DF-96E3-69B6FC1EF262",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_t10_plus_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "79E44970-1ADF-4170-A09A-F64F02E27C64",
"versionEndExcluding": "1.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_t10_plus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "1CBAA124-1B4C-4E75-80E1-A747AC9183E1",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_t10_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "4CA98740-BA9B-4479-B92F-F76B1234D2FE",
"versionEndExcluding": "1.7.5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_t10:-:*:*:*:*:*:*:*",
"matchCriteriaId": "318C962D-54C2-456E-A045-1332A02958E9",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_t10_omni_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "B843C490-26E9-4D03-8BCB-DBC462833D12",
"versionEndExcluding": "1.9.0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_t10_omni:-:*:*:*:*:*:*:*",
"matchCriteriaId": "11395F70-87C2-41DD-9D9A-CFA8D0512ECE",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:o:ecovacs:deebot_x2_pro_firmware:*:*:*:*:*:*:*:*",
"matchCriteriaId": "F3F737D6-74BD-47F8-88B7-045E8B280E46",
"versionEndExcluding": "1.76.6",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
},
{
"cpeMatch": [
{
"criteria": "cpe:2.3:h:ecovacs:deebot_x2_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "C98FE3FD-E432-4DD7-AF87-6FBA4C4ABC45",
"vulnerable": false
}
],
"negate": false,
"operator": "OR"
}
],
"operator": "AND"
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates."
},
{
"lang": "es",
"value": "Las cortadoras de c\u00e9sped y las aspiradoras ECOVACS no validan correctamente los certificados TLS. Un atacante no autenticado puede leer o modificar el tr\u00e1fico TLS, posiblemente modificando las actualizaciones de firmware."
}
],
"id": "CVE-2024-52330",
"lastModified": "2025-09-23T17:48:33.127",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.2,
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
],
"cvssMetricV40": [
{
"cvssData": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "PRESENT",
"attackVector": "NETWORK",
"availabilityRequirement": "NOT_DEFINED",
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"confidentialityRequirement": "NOT_DEFINED",
"exploitMaturity": "NOT_DEFINED",
"integrityRequirement": "NOT_DEFINED",
"modifiedAttackComplexity": "NOT_DEFINED",
"modifiedAttackRequirements": "NOT_DEFINED",
"modifiedAttackVector": "NOT_DEFINED",
"modifiedPrivilegesRequired": "NOT_DEFINED",
"modifiedSubAvailabilityImpact": "NOT_DEFINED",
"modifiedSubConfidentialityImpact": "NOT_DEFINED",
"modifiedSubIntegrityImpact": "NOT_DEFINED",
"modifiedUserInteraction": "NOT_DEFINED",
"modifiedVulnAvailabilityImpact": "NOT_DEFINED",
"modifiedVulnConfidentialityImpact": "NOT_DEFINED",
"modifiedVulnIntegrityImpact": "NOT_DEFINED",
"privilegesRequired": "NONE",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
"version": "4.0",
"vulnAvailabilityImpact": "NONE",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
]
},
"published": "2025-01-23T17:15:14.427",
"references": [
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"tags": [
"Vendor Advisory"
],
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217001"
}
],
"sourceIdentifier": "9119a7d8-5eab-497f-8521-727c672e3725",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-295"
}
],
"source": "9119a7d8-5eab-497f-8521-727c672e3725",
"type": "Secondary"
}
]
}
CVE-2024-52330 (GCVE-0-2024-52330)
Vulnerability from cvelistv5 – Published: 2025-01-23 16:36 – Updated: 2025-02-12 20:41
VLAI?
Title
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates
Summary
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
Severity ?
7.4 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ECOVACS | DEEBOT X5 PRO PLUS |
Unaffected:
1.38.0
Affected: 0 , < 1.38.0 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52330",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:56:31.855219Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:28.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.38.0"
},
{
"lessThan": "1.38.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.70.0"
},
{
"lessThan": "1.70.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2S",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.49.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.49.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.76.6"
},
{
"lessThan": "1.76.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 TURBO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.4.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.3"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1S PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.5.31"
},
{
"lessThan": "2.5.31",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1e OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.4.42"
},
{
"lessThan": "2.4.42",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.5"
},
{
"lessThan": "1.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.9.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.9.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO ULTRA",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.17.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mate X",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.44.18"
},
{
"lessThan": "1.44.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.76.6"
},
{
"lessThan": "1.76.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 COMBO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.81.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.81.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.4.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 PRO OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.4.41"
},
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.3"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1S PRO PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.23.0"
},
{
"lessThan": "1.23.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 TURBO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.10.0"
},
{
"lessThan": "1.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.7.5"
}
]
}
],
"datePublic": "2023-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
},
{
"cvssV4_0": {
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T16:36:50.128Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"name": "url",
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217001"
}
],
"title": "ECOVACS lawnmowers and vacuums do not properly validate TLS certificates"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52330",
"datePublished": "2025-01-23T16:36:50.128Z",
"dateReserved": "2024-11-08T01:06:02.405Z",
"dateUpdated": "2025-02-12T20:41:28.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52329 (GCVE-0-2024-52329)
Vulnerability from cvelistv5 – Published: 2025-01-23 16:36 – Updated: 2025-02-12 20:41
VLAI?
Title
ECOVACS HOME mobile app plugins do not properly validate TLS certificates
Summary
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens.
Severity ?
7.4 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ECOVACS | ECOVACS HOME |
Unaffected:
3.0.0
Affected: 0 , < 3.0.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52329",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:56:47.220852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:29.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ECOVACS HOME",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "3.0.0"
},
{
"lessThan": "3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T16:36:06.533Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"name": "url",
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217001"
}
],
"title": "ECOVACS HOME mobile app plugins do not properly validate TLS certificates"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52329",
"datePublished": "2025-01-23T16:36:06.533Z",
"dateReserved": "2024-11-08T01:06:02.405Z",
"dateUpdated": "2025-02-12T20:41:29.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52330 (GCVE-0-2024-52330)
Vulnerability from nvd – Published: 2025-01-23 16:36 – Updated: 2025-02-12 20:41
VLAI?
Title
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates
Summary
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.
Severity ?
7.4 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ECOVACS | DEEBOT X5 PRO PLUS |
Unaffected:
1.38.0
Affected: 0 , < 1.38.0 (custom) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52330",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:56:31.855219Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:28.969Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.38.0"
},
{
"lessThan": "1.38.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.70.0"
},
{
"lessThan": "1.70.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2S",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.49.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.49.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.76.6"
},
{
"lessThan": "1.76.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 TURBO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.4.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.3"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1S PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.5.31"
},
{
"lessThan": "2.5.31",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1e OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.4.42"
},
{
"lessThan": "2.4.42",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.5"
},
{
"lessThan": "1.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.9.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.9.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO ULTRA",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.17.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "Mate X",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.44.18"
},
{
"lessThan": "1.44.18",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 PRO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.76.6"
},
{
"lessThan": "1.76.6",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 COMBO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.81.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.81.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "2.4.41"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 PRO OMNI",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "2.4.41"
},
{
"lessThan": "2.4.41",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1 PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.7.3"
},
{
"lessThan": "1.7.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X1S PRO PLUS",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.23.0"
},
{
"lessThan": "1.23.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10 TURBO",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "1.10.0"
},
{
"lessThan": "1.10.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T10",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.7.5",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.7.5"
}
]
}
],
"datePublic": "2023-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
},
{
"cvssV4_0": {
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T16:36:50.128Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"name": "url",
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217001"
}
],
"title": "ECOVACS lawnmowers and vacuums do not properly validate TLS certificates"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52330",
"datePublished": "2025-01-23T16:36:50.128Z",
"dateReserved": "2024-11-08T01:06:02.405Z",
"dateUpdated": "2025-02-12T20:41:28.969Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-52329 (GCVE-0-2024-52329)
Vulnerability from nvd – Published: 2025-01-23 16:36 – Updated: 2025-02-12 20:41
VLAI?
Title
ECOVACS HOME mobile app plugins do not properly validate TLS certificates
Summary
ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens.
Severity ?
7.4 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| ECOVACS | ECOVACS HOME |
Unaffected:
3.0.0
Affected: 0 , < 3.0.0 (custom) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52329",
"options": [
{
"Exploitation": "poc"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:56:47.220852Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:29.110Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "ECOVACS HOME",
"vendor": "ECOVACS",
"versions": [
{
"status": "unaffected",
"version": "3.0.0"
},
{
"lessThan": "3.0.0",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"datePublic": "2023-12-27T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ECOVACS HOME mobile app plugins for specific robots do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic and obtain authentication tokens."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 9.5,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:H/VI:H/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"baseScore": 7.4,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295 Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-23T16:36:06.533Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf"
},
{
"name": "url",
"url": "https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241217001"
}
],
"title": "ECOVACS HOME mobile app plugins do not properly validate TLS certificates"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52329",
"datePublished": "2025-01-23T16:36:06.533Z",
"dateReserved": "2024-11-08T01:06:02.405Z",
"dateUpdated": "2025-02-12T20:41:29.110Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}