CVE-2024-52327 Information

Description

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

Reference

https://dontvacuum.me/talks/37c3-2023/37c3-vacuuming-and-mowing.pdf url https://dontvacuum.me/talks/HITCON2024/HITCON-CMT-2024_Ecovacs.pdf url https://www.ecovacs.com/global/userhelp/dsa20241217002 url