CVE-2024-52327

CVSS v3.1

6.5

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Name of the Vulnerable Software and Affected Versions ECOVACS (affected versions not specified)

Description The issue allows authenticated attackers to bypass the PIN entry required to access the live video feed. This affects the cloud service used by ECOVACS robot lawnmowers and vacuums.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-807CWE-603

Related Identifiers

CVE-2024-52327

Affected Products

Ecovacs

CVE-2024-52327

Weakness Enumeration

Related Identifiers

Affected Products

References · 8