Deebot X1 Omni Firmware@* Security Vulnerabilities and Issues — Deebot X1 Omni Firmware@* CVE List

Lucene search

EcovacsDeebot X1 Omni Firmware*

4 matches found

CVE•added 2025/01/23 5:15 p.m.•43 views

CVE-2024-52330

ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic, possibly modifying firmware updates.

9.5CVSS7.5AI score0.00049EPSS

CVE•added 2025/09/05 6:15 p.m.•12 views

CVE-2025-30199

ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.

7.5CVSS6.4AI score0.0002EPSS

CVE•added 2025/09/05 6:15 p.m.•9 views

CVE-2025-30198

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.

6.3CVSS6.4AI score0.0002EPSS

CVE•added 2025/09/05 6:15 p.m.•8 views

CVE-2025-30200

ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.

6.3CVSS6.4AI score0.00012EPSS