CVE-2025-30199
HIGHDescription
ECOVACS vacuum robot base stations do not validate firmware updates, so malicious over-the-air updates can be sent to base station via insecure connection between robot and base station.
Is your site exposed to CVE-2025-30199?
Run a free security scan — no signup, results in seconds.
CVSS v3.1 Score
Weakness Type (CWE)
Affected Products
| Vendor | Product |
|---|---|
| ecovacs | deebot_x1s_pro_firmware |
| ecovacs | deebot_x1s_pro |
| ecovacs | deebot_x1_pro_omni_firmware |
| ecovacs | deebot_x1_pro_omni |
| ecovacs | deebot_x1_omni_firmware |
| ecovacs | deebot_x1_omni |
| ecovacs | deebot_x1s_pro_firmware |
| ecovacs | deebot_x1s_pro |
| ecovacs | deebot_x1_turbo_firmware |
| ecovacs | deebot_x1_turbo |
| ecovacs | deebot_x1s_pro_firmware |
| ecovacs | deebot_x1s_pro |
| ecovacs | deebot_t10_firmware |
| ecovacs | deebot_t10 |
| ecovacs | deebot_t10_omni_firmware |
| ecovacs | deebot_t10_omni |
| ecovacs | deebot_t10_plus_firmware |
| ecovacs | deebot_t10_plus |
| ecovacs | deebot_t10_turbo_firmware |
| ecovacs | deebot_t10_turbo |
| ecovacs | deebot_t20_omni_firmware |
| ecovacs | deebot_t20_omni |
| ecovacs | deebot_t20_pro_plus_firmware |
| ecovacs | deebot_t20_pro_plus |
| ecovacs | deebot_t20_pro_firmware |
| ecovacs | deebot_t20_pro |
| ecovacs | deebot_t30_omni_firmware |
| ecovacs | deebot_t30_omni |
| ecovacs | deebot_t30s_firmware |
| ecovacs | deebot_t30s |
References
Frequently Asked Questions
What is CVE-2025-30199? +
How severe is CVE-2025-30199? +
What products are affected by CVE-2025-30199? +
How do I check if I'm vulnerable to CVE-2025-30199? +
Related Vulnerabilities
Ollama for Windows contains a Remote Code Execution vulnerability in its update mechanism due to improper handling of attacker‑controlled HTTP …
Vulnerability in PointCloudLibrary PCL (surface/src/3rdparty/opennurbs modules). This vulnerability is associated with program files crc32.C. This vulnerability is only relevant if …
A firmware update mechanism in the affected charging controller fails to validate the authenticity of firmware packages delivered through the …
Ollama for Windows does not perform integrity or authenticity verification of downloaded update executables. Unlike other platforms, the Windows implementation …
electerm is an open-sourced terminal/ssh/sftp/telnet/serialport/RDP/VNC/Spice/ftp client. In 3.8.8 and earlier, there is persistent local-pty code execution via imported bookmarks or …
iSTAR Ultra performs a firmware verification on boot, however the verification does not inspect certain portions of the firmware. These …