8 matches found
EUVD-2025-27020
Malicious code in bioql PyPI...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30200
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30198
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...
CVE-2024-52331 ECOVACS lawnmowers and vacuums deterministic firmware encryption key
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successfully decrypted and installed by the robot...
PT-2025-2929 · Ecovacs · Ecovacs
Name of the Vulnerable Software and Affected Versions: ECOVACS robot lawnmowers and vacuums affected versions not specified Description: The issue concerns the use of a deterministic symmetric key for decrypting firmware updates in ECOVACS robots. This allows an attacker to create and encrypt...