ICSA-25-135-19
·
Published 2025-07-10
·
View on CISA ICS-CERT ↗
ECOVACS DEEBOT Vacuum and Base Station (Update A)
CVSS 7.2
HIGH
Risk Summary
Successful exploitation of these vulnerabilities could allow an attacker to send malicious updates to the devices or execute code.
CVEs (3)
Remediations
- ECOVACS has released software updates for all affected devices. Devices that support automatic updates will receive system update notifications. ECOVACS has proactively pushed the update to users, ensuring all users are covered. Users can complete the fix by performing the system update.
- For more information, see ECOVACS security advisory.
- Users can contact ECOVACS using information provided on their website.
Affected Vendors
ECOVACS
Affected Products (7)
ECOVACS
·
X1S PRO
<2.5.38
ECOVACS
·
X1 PRO OMNI
<2.5.38
ECOVACS
·
X1 OMNI
<2.4.45
ECOVACS
·
X1 TURBO
<2.4.45
ECOVACS
·
T10 Series
<1.11.0
ECOVACS
·
T20 Series
<1.25.0
ECOVACS
·
T30 Series
<1.100.0
Affected Sectors
Commercial Facilities
Get alerted to advisories like this
OTWarden monitors CISA, BSI, Siemens, Rockwell and more — and emails you within 2 hours when your vendors are affected.
Start free trial Learn more