CVE-2024-52325
Vulnerability from cvelistv5
Published
2025-01-23 15:56
Modified
2025-02-12 20:41
Severity ?
5.8 (Medium) - CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
9.6 (Critical) - CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
EPSS score ?
Summary
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ▼ | ECOVACS | GOAT G1 |
Version: 0 < 1.36.187 |
||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-52325",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-23T16:11:52.931430Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-12T20:41:26.651Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "GOAT G1",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.36.187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.36.187"
}
]
},
{
"defaultStatus": "unknown",
"product": "GOAT G1-800",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.36.187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.36.187"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2S",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.49.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.49.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.70.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.70.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO PLUS",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.38.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.38.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T30 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.93.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.93.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT T30S",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.95.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.95.0"
}
]
},
{
"defaultStatus": "unknown",
"product": "GOAT G1-2000",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.36.187",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.36.187"
}
]
},
{
"defaultStatus": "unknown",
"product": "GOAT GX-600",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.2.120",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.2.120"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 OMNI",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.76.6",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.76.6"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X2 COMBO",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.81.10",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.81.10"
}
]
},
{
"defaultStatus": "unknown",
"product": "DEEBOT X5 PRO ULTRA",
"vendor": "ECOVACS",
"versions": [
{
"lessThan": "1.17.0",
"status": "affected",
"version": "0",
"versionType": "custom"
},
{
"status": "unaffected",
"version": "1.17.0"
}
]
}
],
"datePublic": "2024-08-11T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection."
}
],
"metrics": [
{
"cvssV4_0": {
"baseScore": 5.8,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H",
"version": "4.0"
},
"format": "CVSS"
},
{
"cvssV3_1": {
"baseScore": 9.6,
"baseSeverity": "CRITICAL",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-77",
"description": "CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-24T15:04:12.565Z",
"orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"shortName": "cisa-cg"
},
"references": [
{
"name": "url",
"url": "https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf"
},
{
"name": "url",
"url": "https://youtu.be/_wUsM0Mlenc?t=2041"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241130001"
},
{
"name": "url",
"url": "https://www.ecovacs.com/global/userhelp/dsa20241119"
}
],
"title": "ECOVACS robot lawnmowers and vacuums command injection"
}
},
"cveMetadata": {
"assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
"assignerShortName": "cisa-cg",
"cveId": "CVE-2024-52325",
"datePublished": "2025-01-23T15:56:30.185Z",
"dateReserved": "2024-11-08T01:06:02.404Z",
"dateUpdated": "2025-02-12T20:41:26.651Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2024-52325\",\"sourceIdentifier\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"published\":\"2025-01-23T16:15:35.943\",\"lastModified\":\"2025-01-23T16:15:35.943\",\"vulnStatus\":\"Awaiting Analysis\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":5.8,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"ADJACENT\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"PRESENT\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnerableSystemConfidentiality\":\"NONE\",\"vulnerableSystemIntegrity\":\"NONE\",\"vulnerableSystemAvailability\":\"NONE\",\"subsequentSystemConfidentiality\":\"HIGH\",\"subsequentSystemIntegrity\":\"HIGH\",\"subsequentSystemAvailability\":\"HIGH\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirements\":\"NOT_DEFINED\",\"integrityRequirements\":\"NOT_DEFINED\",\"availabilityRequirements\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnerableSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedVulnerableSystemIntegrity\":\"NOT_DEFINED\",\"modifiedVulnerableSystemAvailability\":\"NOT_DEFINED\",\"modifiedSubsequentSystemConfidentiality\":\"NOT_DEFINED\",\"modifiedSubsequentSystemIntegrity\":\"NOT_DEFINED\",\"modifiedSubsequentSystemAvailability\":\"NOT_DEFINED\",\"safety\":\"NOT_DEFINED\",\"automatable\":\"NOT_DEFINED\",\"recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\",\"baseScore\":9.6,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"ADJACENT_NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"CHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":6.0}]},\"weaknesses\":[{\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-77\"}]}],\"references\":[{\"url\":\"https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\"},{\"url\":\"https://www.ecovacs.com/global/userhelp/dsa20241119\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\"},{\"url\":\"https://www.ecovacs.com/global/userhelp/dsa20241130001\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\"},{\"url\":\"https://youtu.be/_wUsM0Mlenc?t=2041\",\"source\":\"9119a7d8-5eab-497f-8521-727c672e3725\"}]}}",
"vulnrichment": {
"containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2024-52325\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-01-23T16:11:52.931430Z\"}}}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-02-12T20:34:47.477Z\"}}], \"cna\": {\"title\": \"ECOVACS robot lawnmowers and vacuums command injection\", \"metrics\": [{\"format\": \"CVSS\", \"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 5.8, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:A/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H\"}}, {\"format\": \"CVSS\", \"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 9.6, \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H\"}}], \"affected\": [{\"vendor\": \"ECOVACS\", \"product\": \"GOAT G1\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.36.187\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.36.187\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"GOAT G1-800\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.36.187\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.36.187\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X2S\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.49.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.49.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X5 PRO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.70.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.70.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X5 PRO PLUS\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.38.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.38.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT T30 OMNI\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.93.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.93.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT T30S\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.95.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.95.0\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"GOAT G1-2000\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.36.187\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.36.187\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"GOAT GX-600\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.2.120\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.2.120\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X2 OMNI\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.76.6\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.76.6\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X2 COMBO\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.81.10\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.81.10\"}], \"defaultStatus\": \"unknown\"}, {\"vendor\": \"ECOVACS\", \"product\": \"DEEBOT X5 PRO ULTRA\", \"versions\": [{\"status\": \"affected\", \"version\": \"0\", \"lessThan\": \"1.17.0\", \"versionType\": \"custom\"}, {\"status\": \"unaffected\", \"version\": \"1.17.0\"}], \"defaultStatus\": \"unknown\"}], \"datePublic\": \"2024-08-11T00:00:00.000Z\", \"references\": [{\"url\": \"https://dontvacuum.me/talks/DEFCON32/DEFCON32_reveng_hacking_ecovacs_robots.pdf\", \"name\": \"url\"}, {\"url\": \"https://youtu.be/_wUsM0Mlenc?t=2041\", \"name\": \"url\"}, {\"url\": \"https://www.ecovacs.com/global/userhelp/dsa20241130001\", \"name\": \"url\"}, {\"url\": \"https://www.ecovacs.com/global/userhelp/dsa20241119\", \"name\": \"url\"}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-77\", \"description\": \"CWE-77 Improper Neutralization of Special Elements used in a Command (\u0027Command Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"shortName\": \"cisa-cg\", \"dateUpdated\": \"2025-01-24T15:04:12.565Z\"}}}",
"cveMetadata": "{\"cveId\": \"CVE-2024-52325\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-02-12T20:41:26.651Z\", \"dateReserved\": \"2024-11-08T01:06:02.404Z\", \"assignerOrgId\": \"9119a7d8-5eab-497f-8521-727c672e3725\", \"datePublished\": \"2025-01-23T15:56:30.185Z\", \"assignerShortName\": \"cisa-cg\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.