top of page
Search

RAR Launches Investigation into ECOVACS

ECOVACS is a leading consumer robotics manufacturer. Recently, we became aware of multiple serious issues that violate our partner's terms of service. Our Safety and Partnership teams are beginning an investigation to ensure quality and safety for users.


Part I: ECOVACS Safety Issues

In November 2024, independent researchers found a fatal issue that allowed malicious software into certain (new, flagship; including X2 series) models and could control the device and play media. RAR quickly reacted and was able to recreate this issue on multiple models. Our Safety team issued a warning to consumers who are not running RAR OS and issued a strike to ECOVACS.


The bug remains unfixed to this day.


RAR OS users are safe

We'd like to take a moment to remind RAR OS users that our Safety team takes a close look at each of our software updates, and that RAR OS is an independent operating system that is the safest ever made due to our safety architecture at the core of everything we build.


Part II: ECOVACS Production Issue

In January 2025, we discovered that a majority of the latest ECOVACS all-in-one devices with mopping features had a fatal design and production issue that caused the water pump to clog and prevent the device from getting supplied with water, cleaning mopping pads, station, and more.


We received complaints about Deebot X2, which we forwarded to ECOVACS. Today, new models still have the same water pump.


Part III: ECOVACS Safety Issues

In May 2025, America's Cyber Defense Agency (CISA) issued an advisory about certain ECOVACS products. A fatal issue allowed easy third-party access to the robot, letting them take control of the robot, execute code, and perform malicious updates.


The advisory is related to the T10, T20, T30 series, as well as the X1 series released from early 2022 to 2025.


While we're glad that there have not been registered cases of this happening yet, this was once again a fatal flaw in ECOVACS's software safety department.


Our take

We understand that iteration takes time and nothing is perfect, but in this case, we can see that ECOVACS deliberately covered up this, hoping no one would discover the fatal security risks. This is unacceptable and will not be tolerated on RAR.


We're launching an investigation into the company and its practices.


In the meantime, ECOVACS Group products (ECOVACS, Yeedi, Tineco) will not be available on RAR until we've cleared this matter.


Stay safe!


Your RAR Safety Team

 
 
 

Comentários

Upgrades to RAR Blog

Get on with learning and reading with the new RAR Blog which allows you to do more!

Coming Soon as part of RAR 3

bottom of page