Vulnerabilities (CVE)

  1. Yack CVE
  2. Vulnerabilities (CVE)
Filtered by vendor Ecovacs
Filtered by product Deebot T20 Omni
Angry Yack Logo
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2025-30200 1 Ecovacs 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more 2025-09-23 N/A 6.3 MEDIUM
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic AES encryption key, which can be easily derived.
CVE-2025-30199 1 Ecovacs 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more 2025-09-23 N/A 7.2 HIGH
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
CVE-2025-30198 1 Ecovacs 26 Deebot T10, Deebot T10 Firmware, Deebot T10 Omni and 23 more 2025-09-23 N/A 6.3 MEDIUM
ECOVACS robot vacuums and base stations communicate via an insecure Wi-Fi network with a deterministic WPA2-PSK, which can be easily derived.