Deebot T10 Firmware
Monthly
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network using a deterministic AES encryption key, which can be easily derived. Rated low severity (CVSS 2.3), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to the base station over the insecure connection between the robot and the base station. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable and has low attack complexity. No vendor patch available.
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network using a deterministic WPA2-PSK, which can be easily derived. Rated low severity (CVSS 2.3), this vulnerability requires no authentication and has low attack complexity. No vendor patch available.
ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. Rated high severity (CVSS 7.7), this vulnerability is remotely exploitable, requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. Rated critical severity (CVSS 9.5), this vulnerability is remotely exploitable, requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
ECOVACS robot lawnmowers and vacuums insecurely store the audio files used to indicate that the camera is on. Rated low severity (CVSS 1.8), this vulnerability has low attack complexity. Public exploit code available and no vendor patch available.
ECOVACS robot lawnmowers store the anti-theft PIN in cleartext on the device filesystem. Rated medium severity (CVSS 4.8), this vulnerability has low attack complexity. Public exploit code available and no vendor patch available.
ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. Rated medium severity (CVSS 5.3), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.
ECOVACS robot lawnmowers and vacuums use a deterministic root password generated from the model and serial number. Rated high severity (CVSS 7.0), this vulnerability requires no authentication and has low attack complexity. Public exploit code available and no vendor patch available.