How severe is CVE-2024-52327?

CVE-2024-52327 has a CVSS v3 score of 6.5 (MEDIUM).

CVE-2024-52327

Name: home
Author: ecovacs

6.5MEDIUM

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Publicado: 1/23/2025Atualizado: 9/23/2025

Descrição

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Análise IADesenvolvido por IA

Produtos Afetados

ecovacshome

Referências

https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf
ExploitThird Party Advisory
https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf
ExploitThird Party Advisory
https://www.ecovacs.com/global/userhelp/dsa20241217002
Vendor Advisory