How severe is CVE-2024-52327?

CVE-2024-52327 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-52327

Name: home
Author: ecovacs

6.5MEDIUM

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Publicado: 1/23/2025Actualizado: 9/23/2025

Descripción

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Análisis IAImpulsado por IA

Productos Afectados

ecovacshome

Referencias

https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf
ExploitThird Party Advisory
https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf
ExploitThird Party Advisory
https://www.ecovacs.com/global/userhelp/dsa20241217002
Vendor Advisory