TapTechNews August 10th news, the tech media TechCrunch reported yesterday (August 9th) that security researchers Dennis Giese and Braelynn will attend the DefCon hacker conference to demonstrate and report vulnerabilities in Ecovacs' sweeping robot and lawnmower products.
The researchers said they had contacted Ecovacs to report these vulnerabilities but never received a reply from the company, and they believe these vulnerabilities remain unfixed and could be exploited by hackers.
The researchers said that the vulnerability can be exploited to take over Ecovacs sweeping robots via Bluetooth connection with a maximum distance of up to 427 feet (about 130 meters).
And once the hackers control these sweeping robots, since they can connect to the Wi-Fi network themselves, it means that subsequent remote connection control can be achieved.
TapTechNews learned from the report that the researchers said they could use the vulnerability to read the Wi-Fi hotspot password, read all the maps saved by the sweeping robot, and could access components such as cameras and microphones.
The researchers said the following devices all have security vulnerabilities
Ecovacs Deebot 900 series
Ecovacs Deebot N8/T8
Ecovacs Deebot N9/T9
Ecovacs Deebot N10/T10
Ecovacs Deebot X1
Ecovacs Deebot T20
Ecovacs Deebot X2
Ecovacs Goat G1
Ecovacs Spybot Airbot Z1
Ecovacs Airbot AVA
Ecovacs Airbot ANDY