Cyber Resilience

CVE-2024-52327

MediumPublic PoC

Published: 23 January 2025

Published
23 January 2025
Modified
23 September 2025
KEV Added
Patch
CVSS Score v4 6.0 CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:N/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0011 29.1th percentile
Risk Priority 12 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-52327 is a medium-severity Use of Client-Side Authentication (CWE-603) vulnerability in Ecovacs Home. Its CVSS base score is 6.0 (Medium).

Operationally, exploitation aligns with the MITRE ATT&CK technique Video Capture (T1125); ranked at the 29.1th percentile by exploit likelihood (below the median); it is not currently listed in the CISA KEV catalog; a public proof-of-concept is referenced.

EU & UK References

Vulnerability details

The cloud service used by ECOVACS robot lawnmowers and vacuums allows authenticated attackers to bypass the PIN entry required to access the live video feed.

CWE(s)

Related Threats

MITRE ATT&CK Enterprise TechniquesAI

T1125 Video Capture Collection
An adversary can leverage a computer's peripheral devices (e.
T1210 Exploitation of Remote Services Lateral Movement
Adversaries may exploit remote services to gain unauthorized access to internal systems once inside of a network.
Why these techniques?

The vulnerability in the ECOVACS cloud service enables authenticated attackers to bypass PIN authentication and access live video feeds from robot devices, facilitating Video Capture (T1125) and Exploitation of Remote Services (T1210).

Affected Assets

ecovacs
home
≤ 3.0.2 · ≤ 3.0.2

Mitigating Controls

Likely Mitigating Controls AI

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

addresses: CWE-807

Prevents reliance on untrusted matching results for security-relevant decisions by enforcing verification and contest procedures.

addresses: CWE-807

Providing authoritative attributes with the data reduces the need for security decisions to rely on untrusted external inputs.

addresses: CWE-807

Reduces reliance on untrusted inputs by ensuring only authorized sources may supply data.

References