How severe is CVE-2024-52327?

CVE-2024-52327 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-52327

Name: home
Author: ecovacs

6.5MEDIUM

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Published: 1/23/2025Updated: 9/23/2025

Description

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

AI AnalysisPowered by AI

Affected Products

ecovacshome

References

https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf
ExploitThird Party Advisory
https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf
ExploitThird Party Advisory
https://www.ecovacs.com/global/userhelp/dsa20241217002
Vendor Advisory