Security Advisory

CVE-2024-12078

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-23 16:38:48

Last updated 2025-02-12 17:11:14

Assigner cisa-cg

State PUBLISHED

Description

ECOVACS robot lawn mowers and vacuums use a shared, static secret key to encrypt BLE GATT messages. An unauthenticated attacker within BLE range can control any robot using the same key.

← Browse all CVEs View on cve.org ↗