ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.

| Software | From | Fixed in |
|---|---|---|
| ecovacs / goat_g1-2000_firmware | - | 1.36.187 |
| ecovacs / goat_g1_firmware | - | 1.36.187 |
| ecovacs / goat_g1-800_firmware | - | 1.36.187 |
| ecovacs / gx-600_firmware | - | 1.2.120 |
| ecovacs / deebot_x2_omni_firmware | - | 1.76.6 |
| ecovacs / deebot_x2_combo_firmware | - | 1.81.10 |
| ecovacs / deebot_x2s_firmware | - | 1.49.0 |
| ecovacs / deebot_x5_pro_firmware | - | 1.70.0 |
| ecovacs / deebot_x5_pro_plus_firmware | - | 1.38.0 |
| ecovacs / deebot_x5_pro_ultra_firmware | - | 1.17.0 |
| ecovacs / deebot_t30_omni_firmware | - | 1.93.0 |
| ecovacs / deebot_t30s_firmware | - | 1.95.0 |