CVERadar

CVE-2024-42911

Severity: Medium
SVRS: 36/100
CVSSv3: NA/10
EPSS: 0.00117/1

CVE-2024-42911: WiFi Remote Code Execution vulnerability found in ECOVACS Robotics Deebot T20 OMNI and T20e OMNI before version 1.24.0. This vulnerability allows attackers to execute arbitrary code on the device via the WiFi network. Although the CVSS score is 0, indicating a base severity of none, the SOCRadar Vulnerability Risk Score (SVRS) of 36 suggests there is still a risk involved. Successful exploitation could lead to complete device compromise, data theft, or use of the device as a bot in a larger attack. Users are advised to update to the latest firmware version to mitigate this security risk. While not critical according to SOCRadar's SVRS scale (above 80), the vulnerability being "In The Wild" means that exploits are publicly available and actively being used, increasing the urgency to patch.

In The Wild
2025-01-14

2025-02-03
SOCRadar AI Insight

Description

CVE-2024-42911 is a WiFi Remote Code Execution vulnerability affecting ECOVACS Robotics Deebot T20 OMNI and T20e OMNI models prior to version 1.24.0. This vulnerability allows an attacker to remotely execute arbitrary code on the affected devices, potentially leading to complete compromise of the device and the network it is connected to.

SVRS: 38 indicates a moderate vulnerability, requiring immediate attention. While not considered "critical" (above 80), the "In The Wild" tag suggests this vulnerability is actively being exploited by attackers.

Key Insights

  • Remote Code Execution: The vulnerability allows an attacker to execute arbitrary code on the affected devices from a remote location without any user interaction.
  • Potential for Network Compromise: Exploitation of this vulnerability could potentially lead to the compromise of the entire network the affected device is connected to, granting attackers access to sensitive data and resources.
  • Active Exploitation: The "In The Wild" tag highlights that this vulnerability is actively being exploited by attackers.
  • Impact on IoT Security: This vulnerability emphasizes the rising threat of attacks on Internet of Things (IoT) devices, highlighting the need for robust security measures for such devices.

Mitigation Strategies

  • Software Updates: Immediately update your ECOVACS Robotics Deebot T20 OMNI and T20e OMNI devices to version 1.24.0 or later. This patch will address the vulnerability and prevent further exploitation.
  • Network Segmentation: Implement network segmentation to isolate IoT devices from critical network infrastructure. This reduces the impact of a potential compromise, preventing attackers from gaining access to sensitive data.
  • Strong Passwords & Two-Factor Authentication: Utilize strong passwords and implement two-factor authentication on your router and other network devices to make it more difficult for attackers to access your network.
  • Firewall Configuration: Configure firewalls to restrict incoming and outgoing traffic to minimize the attack surface and prevent unauthorized access to vulnerable devices.

Additional Information

If you have further questions regarding this incident, you can utilize the "Ask to Analyst" feature, contact SOCRadar directly, or open a support ticket for more information.

Indicators of Compromise

No IOCs found for this CVE

Exploits

No exploits found for this CVE


News

CVE-2024-42911 | ECOVACS Deebot T20 OMNI/Deebot T20e OMNI up to 1.23.x WiFi Privilege Escalation
vuldb.com, 2025-01-15
CVE-2024-42911 | ECOVACS Deebot T20 OMNI/Deebot T20e OMNI up to 1.23.x WiFi Privilege Escalation | A vulnerability was found in ECOVACS Deebot T20 OMNI and Deebot T20e OMNI up to 1.23.x. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component WiFi Handler. The manipulation leads to Privilege Escalation. This vulnerability is known as CVE-2024-42911

Social Media

[IT-Connect] - Ecovacs fixes a critical security flaw in its Deebot robot vacuums: CVE-2024-42911 - https://t.co/wsM9Dy3pPm 👌😁

ECOVACS Patches Critical WiFi RCE Vulnerability CVE-2024-42911 in Deebot Robot Vacuums. Learn about the critical vulnerability affecting ECOVACS Deebot robot vacuums and the security measures taken to address it https://t.co/oeVlbVK4xL

🗣 ECOVACS Patches Critical WiFi RCE Vulnerability CVE-2024-42911 in Deebot Robot Vacuums https://t.co/xMP57jDLLb

Affected Software

No affected software found for this CVE

References

Reference          Link
[email protected]  http://ecovacs.com
[email protected]  https://www.ecovacs.com/global/userhelp/dsa20250113001

CWE Details

CWE ID: CWE-94
CWE Name: Improper Control of Generation of Code ('Code Injection')
Description: The software constructs all or part of a code segment using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the syntax or behavior of the intended code segment.
