Ecovacs Deebot X5 Pro Ultra Firmware — known CVE vulnerabilities
Every CVE whose affected-product data names Ecovacs Deebot X5 Pro Ultra Firmware, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2024-52325 — CVSS 9.6 (critical): ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an unauthenticated BLE connection.
CVE-2024-52330 — CVSS 7.4 (high): ECOVACS lawnmowers and vacuums do not properly validate TLS certificates. An unauthenticated attacker can read or modify TLS traffic…