ECOVACS Deebot T20 OMNI and T20e OMNI WiFi Remote Code Execution Vulnerability

Vulnerability

A remote code execution vulnerability has been identified in the ECOVACS Deebot T20 OMNI and T20e OMNI models, prior to version 1.24.0. This vulnerability allows for unauthorized code execution on the device via WiFi.

Impact

Exploitation of this vulnerability could lead to unauthorized remote code execution on the affected robotic vacuum cleaners.

Remediation

Users can update their devices to version 1.24.0 to address this vulnerability. Devices that support automatic updates will receive a system update notification. ECOVACS has proactively pushed the update to all users.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 7.5
exploitability: 7.4
remediation: 7.7
relevance: 0.0
threat: 0.0
urgency: 2.9
incentive: 5.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.