Security Announcement – Product Server-Side Security Update Notification
- The permission verification for media-related interfaces is inadequate, presenting a potential risk of unauthorized access to the corresponding resources;
- The verification of target identifiers in the media upload process is insufficient, which may lead to incorrect injection of resources into other accounts.
The update has been fully implemented on the server side. No action is required on your part, and all services are currently operating normally.
Marketing Name
DEEBOT X11 PRO OMNI With Auto Refill And Drain
DEEBOT X11 OmniCyclone
DEEBOT X8 PRO OMNI with Auto Refill and Drain
DEEBOT X8 PRO OMNI
DEEBOT X5 PRO OMNI
DEEBOT X2 PRO OMNI
DEEBOT X2 COMBO
DEEBOT X2
DEEBOT X1 TURBO
DEEBOT X1 PLUS
DEEBOT X1 OMNI
DEEBOT T80 OMNI
DEEBOT T50 PRO OMNI
DEEBOT T30S PRO
DEEBOT T10 TURBO
DEEBOT T10 PLUS
DEEBOT T10 OMNI
DEEBOT OZMO T8 AIVI
None.
Security Incident Response
ECOVACS is committed to ensuring the best interests of our product users. We adhere to responsible disclosure principles and address security issues through our product security management process.
To report security issues related to ECOVACS products and solutions, please contact us at: product-security@ecovacs.com.ECOVACS will continue to monitor developments related to this vulnerability. Ongoing investigations are still in progress. If there are any changes, this advisory will be updated promptly. Please stay tuned for further updates.