Vulnerabilities (CVE)

Filtered by vendor Ecovacs Subscribe

Filtered by product Deebot T30 Omni

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-52325	1 Ecovacs	24 Deebot T30 Omni, Deebot T30 Omni Firmware, Deebot T30s and 21 more	2025-09-23	N/A	9.6 CRITICAL
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
CVE-2025-30200	1 Ecovacs	26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more	2025-09-23	N/A	6.3 MEDIUM
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.
CVE-2025-30199	1 Ecovacs	26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more	2025-09-23	N/A	7.2 HIGH
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
CVE-2025-30198	1 Ecovacs	26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more	2025-09-23	N/A	6.3 MEDIUM
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.