CVE-2024-52330

7.4 HIGH

📋 TL;DR

ECOVACS robotic lawnmowers and vacuums fail to properly validate TLS certificates, allowing unauthenticated attackers to intercept and manipulate TLS traffic. This could enable firmware update tampering, potentially leading to device compromise. All users of affected ECOVACS devices are vulnerable.

💻 Affected Systems

Products:
  • ECOVACS robotic lawnmowers
  • ECOVACS robotic vacuums
Versions: All versions prior to firmware updates addressing CVE-2024-52330
Operating Systems: Embedded firmware
Default Config Vulnerable: ⚠️ Yes
Notes: All default configurations are vulnerable; devices must connect to ECOVACS cloud services for updates.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could push malicious firmware updates to devices, gaining full control over robotic vacuums/lawnmowers, potentially enabling physical safety risks or using devices as network footholds.

🟠 Likely Case

Attackers intercept and modify device communications, potentially stealing sensitive data or disrupting device functionality.

🟢 If Mitigated

With proper network segmentation and monitoring, impact is limited to device functionality disruption without network compromise.

🌐 Internet-Facing: MEDIUM
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ✅ No
Weaponized: UNKNOWN
Unauthenticated Exploit: ⚠️ Yes
Complexity: MEDIUM

Exploitation requires a man-in-the-middle position on the device's network; no authentication is needed to intercept the traffic.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Firmware updates released December 2024

Vendor Advisory: https://www.ecovacs.com/global/userhelp/dsa20241217001

Restart Required: Yes

Instructions:

1. Open the ECOVACS HOME app
2. Check for firmware updates
3. Apply the available updates
4. The device will restart automatically

🔧 Temporary Workarounds

Network segmentation (applies to: all)

Isolate ECOVACS devices on a separate VLAN without internet access

Disable automatic updates (applies to: all)

Prevent automatic firmware updates that could be intercepted

🧯 If You Can't Patch

  • Disconnect devices from network entirely
  • Monitor network traffic for TLS interception attempts

🔍 How to Verify

Check if Vulnerable:

Check the device firmware version in the ECOVACS HOME app; versions prior to the December 2024 updates are vulnerable

Check Version:

Use ECOVACS HOME app → Device Settings → Firmware Version

Verify Fix Applied:

Confirm that the firmware version shown in the ECOVACS HOME app is the post-December 2024 update

📡 Detection & Monitoring

Log Indicators:

  • Unusual TLS certificate validation failures
  • Unexpected firmware update attempts

Network Indicators:

  • Man-in-the-middle attacks on port 443 to ECOVACS servers
  • Unencrypted firmware downloads

SIEM Query:

destination_port:443 AND (tls.handshake.type:1 OR tls.alert.description:42) AND destination_ip:ECOVACS_SERVERS
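The following is an added example, not part of this advisory and not ECOVACS code. It applies the SIEM query above to parsed TLS metadata records (the kind a network sensor exports) and adds the check a defender actually needs here: a client that skips certificate validation never sends a bad_certificate alert (42), so the useful signal is a completed session to an ECOVACS endpoint whose server certificate was issued by an unexpected issuer, which is what an interception proxy produces. The server addresses, issuer names and log records are constructed placeholders; `ECOVACS_SERVERS` stands in for the placeholder of the same name in the query and must be populated from your own DNS and flow data.

```python
"""Added example: triage TLS metadata for CVE-2024-52330 interception signs.

Not from the advisory or the vendor. All addresses, issuers and records
below are constructed for illustration.
"""
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Placeholder for the advisory's ECOVACS_SERVERS term (constructed, RFC 5737 range).
ECOVACS_SERVERS = {"203.0.113.10", "203.0.113.11"}

# Issuers observed on a known-good segment; build from baseline captures (constructed).
EXPECTED_ISSUERS = {"CN=Example Trusted CA"}

TLS_HANDSHAKE_CLIENT_HELLO = 1   # RFC 5246 HandshakeType client_hello
TLS_ALERT_BAD_CERTIFICATE = 42   # RFC 5246 AlertDescription bad_certificate


@dataclass
class TlsRecord:
    """One parsed TLS event as a sensor might export it (hypothetical schema)."""
    src_ip: str
    dst_ip: str
    dst_port: int
    handshake_type: Optional[int] = None
    alert_description: Optional[int] = None
    server_cert_issuer: Optional[str] = None


def matches_siem_query(r: TlsRecord) -> bool:
    """Literal translation of the advisory's SIEM query.

    Note it matches every ClientHello to an ECOVACS server, so on its own it
    is a baseline of expected traffic, not an alert.
    """
    return (
        r.dst_port == 443
        and r.dst_ip in ECOVACS_SERVERS
        and (r.handshake_type == TLS_HANDSHAKE_CLIENT_HELLO
             or r.alert_description == TLS_ALERT_BAD_CERTIFICATE)
    )


def issuer_anomaly(r: TlsRecord) -> bool:
    """Session to an ECOVACS endpoint completed with a certificate from an
    issuer not seen in the baseline. A device that does not validate the
    chain accepts such a certificate silently, so this is the check that
    fires when the vulnerable behaviour is being exploited."""
    return (
        r.dst_ip in ECOVACS_SERVERS
        and r.server_cert_issuer is not None
        and r.server_cert_issuer not in EXPECTED_ISSUERS
    )


def triage(records: List[TlsRecord]) -> List[Tuple[str, str, List[str]]]:
    """Return (src_ip, dst_ip, reasons) for records worth an analyst's time."""
    findings = []
    for r in records:
        reasons = []
        if r.dst_ip in ECOVACS_SERVERS and r.alert_description == TLS_ALERT_BAD_CERTIFICATE:
            reasons.append("bad_certificate alert (a validating client rejected the chain)")
        if issuer_anomaly(r):
            reasons.append(f"unexpected issuer {r.server_cert_issuer}")
        if reasons:
            findings.append((r.src_ip, r.dst_ip, reasons))
    return findings


# Constructed sample events: a normal update check, a rejected chain,
# a silently accepted interception certificate, and unrelated traffic.
SAMPLE_RECORDS = [
    TlsRecord("192.0.2.20", "203.0.113.10", 443, handshake_type=1,
              server_cert_issuer="CN=Example Trusted CA"),
    TlsRecord("192.0.2.21", "203.0.113.10", 443, alert_description=42),
    TlsRecord("192.0.2.22", "203.0.113.11", 443, handshake_type=1,
              server_cert_issuer="CN=Interception Proxy"),
    TlsRecord("192.0.2.23", "198.51.100.5", 443, handshake_type=1,
              server_cert_issuer="CN=Interception Proxy"),
]

if __name__ == "__main__":
    for src, dst, why in triage(SAMPLE_RECORDS):
        print(f"{src} -> {dst}: {'; '.join(why)}")
```

The third record is the one that matters for this CVE: it matches the SIEM query only as an ordinary ClientHello, yet the issuer check flags it. Feeding the issuer baseline from a clean VLAN (the segmentation workaround above) keeps this check low-noise.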
