Security Advisory

CVE-2024-52331

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-23 16:37:31
Last updated 2025-10-02 14:10:10
Assigner cisa-cg
State PUBLISHED

Description

ECOVACS robot lawnmowers and vacuums use a deterministic symmetric key to decrypt firmware updates. An attacker can create and encrypt malicious firmware that will be successfully decrypted and installed by the robot.