Sensitive Information Exposure in Eufy Home Automation System
CVE-2024-51346

7.7HIGH

Key Information:

Vendor: Eufy
Status: Eufy Homebase 2
Vendor: CVE Published:; 25 March 2026

What is CVE-2024-51346?

A vulnerability in the Eufy Homebase 2 (version 3.3.4.1h) allows local attackers to gain access to sensitive information through weaknesses in its cryptographic scheme. This exposure could lead to unauthorized access to user data and privacy breaches, highlighting the importance of securing home automation systems against local intrusions.

References

https://www.eufy.com/

https://github.com/victorGoeman/Eufy-Ecosystem-Security-R...

CVSS V3.1

Score:

7.7

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 25, 2026
Vulnerability Reserved
Oct 28, 2024

CVE-2024-51346 Data

JSON