Area Man Accidentally Hacks 6,700 Camera-Enabled Robot Vacuums

Plus: The top US cyber agency falls into shambles, AI models develop an upsetting penchant for nuclear weapons, and more...

Hobby coder accidentally creates vacuum robot army

Sammy Azdoufal wanted to steer his robot vacuum with a PS5 controller. Like any good maker, he thought it would be fun to drive a new DJI Romo around manually. He ended up gaining access to an army of robotic cleaners that gave him eyes into thousands of homes. Driven by purely playful reasons,...

EUVD-2025-27023

Malicious code in bioql PyPI...

EUVD-2025-27020

Malicious code in bioql PyPI...

EUVD-2024-46255

Malicious code in bioql PyPI...

CVE-2025-30198

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...

CVE-2025-30200

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...

CVE-2025-30198

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...

CVE-2025-30200

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived...

CVE-2025-30198

CVE-2025-30198 affects ECOVACS robot vacuums and base stations. Root causes: insecure Wi‑Fi using a deterministic WPA2-PSK that can be derived from device serial numbers; base stations do not validate firmware updates, enabling potential malicious OTA updates; AES encryption key similarly derivab...

CVE-2025-30198 ECOVACS Vacuum and Base Station Hard-Coded WPA2-PSK

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived...

CVE-2025-30200

ECOVACS robot vacuums and base stations are affected by CVE-2025-30200, where devices communicate over an insecure Wi‑Fi network and use a deterministic AES key that can be derived from the device serial number. The vulnerability is also described as allowing insecure firmware/over‑the‑air update...

ECOVACS robot vacuums 安全漏洞

ECOVACS robot vacuums is a line of vacuum cleaners from the Chinese company ECOVACS. A security vulnerability exists in ECOVACS robot vacuums that stems from an unverified firmware update that could lead to a malicious over-the-air update...

ECOVACS robot vacuums 安全漏洞

ECOVACS robot vacuums is a line of vacuum cleaners from the Chinese company ECOVACS. A security vulnerability exists in ECOVACS robot vacuums that stems from insecure Wi-Fi communication using predictable AES encryption keys...

CVE-2024-52327

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed...

ECOVACS robot lawnmowers和vacuums 安全漏洞

ECOVACS robot vacuums and ECOVACS robot lawnmowers are both products of the Chinese company ECOVACS.ECOVACS robot vacuums are a line of vacuum cleaners.ECOVACS robot lawnmowers are a line of lawnmowers. A security vulnerability exists in the ECOVACS robot lawnmowers and vacuums that stems from th...

ECOVACS robot lawnmowers和vacuums 命令注入漏洞

ECOVACS robot vacuums and ECOVACS robot lawnmowers are both products of the Chinese company ECOVACS.ECOVACS robot vacuums are a line of vacuum cleaners.ECOVACS robot lawnmowers are a line of lawnmowers. A security vulnerability exists in the ECOVACS robot lawnmowers and vacuums that stems from a...

ECOVACS robot lawnmowers和vacuums 信任管理问题漏洞

ECOVACS robot vacuums and ECOVACS robot lawnmowers are both products of the Chinese company ECOVACS.ECOVACS robot vacuums are a line of vacuum cleaners.ECOVACS robot lawnmowers are a line of lawnmowers. A security vulnerability exists in the ECOVACS robot lawnmowers and vacuums that stems from th...

PT-2025-1627 · Ecovacs · Ecovacs Robot Lawnmowers/Vacuums

Name of the Vulnerable Software and Affected Versions: ECOVACS robot lawnmowers and vacuums affected versions not specified Description: The issue concerns the use of a deterministic root password in ECOVACS robot lawnmowers and vacuums, which is generated based on the model and serial number. An...

ECOVACS robot lawnmowers和vacuums 安全漏洞

ECOVACS robot vacuums and ECOVACS robot lawnmowers are both products of the Chinese company ECOVACS.ECOVACS robot vacuums are a line of vacuum cleaners.ECOVACS robot lawnmowers are a line of lawnmowers. The ECOVACS robot lawnmowers and vacuums suffer from a security vulnerability that stems from ...