RAR Warns ECOVACS after Security Issues

On 15th May 2025, America's Cyber Defense Agency (CISA) issued an advisory about certain ECOVACS products.

A fatal issue allowed easy third-party access to the robot, letting them take control of the robot, execute code, and perform malicious updates.

The advisory is related to the T10, T20, T30 series, as well as the X1 series released from early 2022 to 2025.

We're glad that there have not been registered cases of this happening yet.

Unfortunately, our independent security team has identified it as a risk.

RAR OS uses a completely different, independently verifiable security protocol — devices powered by RAR OS aren't prone to these attacks and are secure.

RAR informed ECOVACS in November 2024, after finding that some models, including a newer X2 series, have serious security issues and allowed unauthorised third parties to control the device.

Since this issue doesn't affect devices powered by RAR OS, our security team has concluded that it is safe — you'll need to update to a new version of RAR OS III before you can use your device again.

ECOVACS has been issued a second warning in less than 6 months and will be under investigation.

Stay safe!

Your RAR Security Team