ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
Metrics
Affected Vendors & Products
References
History
Fri, 05 Sep 2025 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station. | |
Title | ECOVACS Vacuum and Base Station accept unsigned firmware | |
Weaknesses | CWE-494 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: cisa-cg
Published:
Updated: 2025-09-05T17:45:07.227Z
Reserved: 2025-03-18T15:53:08.738Z
Link: CVE-2025-30199

No data.

Status : Received
Published: 2025-09-05T18:15:39.553
Modified: 2025-09-05T18:15:39.553
Link: CVE-2025-30199

No data.

No data.