Primary

Context

ECOVACS Robot Devices Insecurely Store Audio Files Indicating Camera Status

Vulnerability

A vulnerability exists in ECOVACS robot lawnmowers and vacuums due to the insecure storage of audio files that signal when the camera is active. This issue allows an attacker with access to the /data filesystem to delete or alter these warning files, potentially leaving users unaware that the camera is recording.

Impact

Exploitation of this vulnerability could lead to unauthorized modification or deletion of audio files, creating a false sense of security regarding the camera's status.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

4.3

remediation

0.0

relevance

0.0

threat

4.8

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ECOVACS Robot Devices Insecurely Store Audio Files Indicating Camera Status

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating