Researchers demonstrated a flaw last year that let them bypass the Deebot X2’s PIN entry to gain access to the vacuum. Ecovacs says in its statement that it has resolved that, and that it also plans to “further enhance security” with an update in November. It’s not clear whether that would correct a Bluetooth vulnerability that ABC News exploited for a report earlier this month.
Cloud-connected smart home devices have led to stories like this for years. Sometimes it’s the result of hacks, others simply compromised credentials. Sometimes, it’s bad software showing you another owner’s camera feed, as a little treat. Issues like these can feel inevitable when so many smart home devices require a persistent internet connection to function, especially for those companies that don’t offer easy ways to report security vulnerabilities.
Published: 2024-10-12T13:23:49