CVE-2025-2394 Information

Description

Ecovacs Home Android and iOS Mobile Applications up to version 3.3.0 contained embedded access keys and secrets for Alibaba Object Storage Service (OSS) leading to sensitive data disclosure.

Reference

https://www.ecovacs.com/global/userhelp/dsa20250507001 https://www.themissinglink.com.au/security-advisories/cve-2025-2394