Security Analysis Report
Eero 3
D
HIGH RISK
This router scores 42/100 - a D. Significant gaps in supply chain, patch support, or security capabilities.
- A real gap that affects every device sharing this Wi-Fi - It affects every device sharing this Wi-Fi - your work laptop, your phone, your kids' devices, your security cameras. Not the most urgent threat on the page, but a real edge an attacker can use to reach the rest.
- A small gap that still touches every device on this network - A small gap, not an urgent one - but it still touches everything on this network: your work laptop, your phone, your security cameras, and any guest device that joins the Wi-Fi.
FCC & Ban Risk
44
/100
D
Supply chain · FCC status · CVEs · Patch support
Security Capabilities
38
/100
D
Zero-Trust · VPN · Segmentation · Monitoring
Device context
Manufacturer
Amazon-owned - eero LLC, a subsidiary of Amazon.com Inc. (NASDAQ: AMZN). US corporate jurisdiction.
FCC status
FCC authorized - Not in scope
Made in
China
Patch support
Active
Everything on this network shares the exposure
💻 Work laptop & remote access
🏦 Online banking & passwords
📷 Security cameras & smart locks
👧 Kids’ devices & school logins
📱 Every phone & tablet at home
🔊 Smart speakers & streaming
Steps you can take today
1Keep Amazon account secured with a strong, unique password and 2FA
2Review what eero collects in the privacy settings
3Disable remote access if you don't actively use it
4Upgrade to a Wi-Fi 6 model when ready - eero 6 or newer has better security capabilities
5We built Rio to score 8/8 on this framework - it’s the only router we track that does
Security features
Zero-Trust Device Admission
Network Segmentation (VLANs)
Router-Level VPN for All Devices
Domain Allowlisting
Granular Password Control
Guest Auto-Expiry
Clean Supply Chain
Active Threat Monitoring
The Verdict
Security updates are still active, which limits the most common attack surface. However, it has serious security gaps that put every device on your network at risk - every phone, laptop, camera, and smart device on this Wi-Fi shares that exposure.
The gaps are real enough to affect banking sessions, remote work, and anything sensitive passing through your home network. A D grade means the issues are documented and ongoing, not theoretical.
-
A real gap that affects every device sharing this Wi-Fi
It affects every device sharing this Wi-Fi - your work laptop, your phone, your kids' devices, your security cameras. Not the most urgent threat on the page, but a real edge an attacker can use to reach the rest.
Show technical detail
Cloud dependency on Amazon services: eero devices require an Amazon account and a working cloud connection for setup and most administration. There is no fully-local management mode. A compromised Amazon account = router access.
-
A small gap that still touches every device on this network
A small gap, not an urgent one - but it still touches everything on this network: your work laptop, your phone, your security cameras, and any guest device that joins the Wi-Fi.
Show technical detail
Manufacturing origin: Manufactured in China. The FCC March 2026 foreign-manufacture rule may apply to some SKUs - confirm before purchasing new units.
Everything on this network shares the exposure
💻 Work laptop & remote access
🏦 Online banking & passwords
📷 Security cameras & smart locks
👧 Kids' devices & school logins
📱 Every phone & tablet at home
🔊 Smart speakers & streaming
An A-rated alternative is shown below.
FCC & Ban Risk
44
/100
D
Supply chain · FCC status · CVEs · Patch support
Security Capabilities
38
/100
D
Zero-Trust · VPN · Segmentation · Monitoring
FCC & Ban Risk measures supply-chain exposure, government flags, and CVE history. Security Capabilities measures what the router can actually do to protect your network. How we score →
Device context
Manufacturer
Amazon-owned - eero LLC, a subsidiary of Amazon.com Inc. (NASDAQ: AMZN). US corporate jurisdiction.
Country of origin
Built in China
US gov status
FCC authorized - Not in scope
Security patches
Active - automatic firmware updates
Steps you can take today
1
Keep Amazon account secured with a strong, unique password and 2FA
2
Review what eero collects in the privacy settings
3
Disable remote access if you don't actively use it
4
Upgrade to a Wi-Fi 6 model when ready - eero 6 or newer has better security capabilities
5
We built Rio to score 8/8 on this framework. It’s the only router we track that does - and we’d tell you if another one did
🔒
Security capabilities comparison
Here's how your router compares to Rio across the 8 dimensions we built our framework around. (Yes, we made Rio.)
EERO
your router
Rio Router™
full standard
Zero-Trust Device Admission
Every new device is blocked by default - admin must approve it once, even if it has the right password
Not available
Available
Network Segmentation (VLANs)
Devices on your network are isolated from each other, so a hacked smart TV can't reach your laptop
Partial
Available
Router-Level VPN for All Devices
All traffic - including smart devices that can't run VPN apps - is encrypted before leaving your home
Partial
Available
Domain Allowlisting
Block everything except approved sites; more effective than trying to blacklist billions of harmful URLs
Partial
Available
Granular Password Control
Separate passwords per network zone - changing one doesn't affect others
Partial
Available
Guest Auto-Expiry
Guest devices are automatically removed when they leave; neighbors can't reconnect without re-approval
Not available
Available
Clean Supply Chain
Manufactured outside Chinese legal jurisdiction - not subject to China's National Intelligence Law
Partial
Available
Active Threat Monitoring
Real-time detection of suspicious device behavior, unusual traffic patterns, and known attack signatures on your network
Partial
Available
Rio scores 8/8 - we built it to hit every dimension on this framework. Know a router that does? Tell us and we’ll add it.
Get Rio →
See all Eero models: Eero brand overview →
You’ve seen the comparison. Rio covers every gap above.
Free US shipping · 30-day money-back · Works with any internet provider
Not ready to switch yet?
We'll email you if a new vulnerability hits your Eero 3. One email per incident. No spam.
Acceptable for everyday home use - automatic updates help, cloud dependency is the main caveat.
Compare to options with more local control in our replacement guide.
How this was scored · verified March 2026: This rating combines FCC authorization status, manufacturer legal jurisdiction, CVEs from NIST NVD, active patch support status, and CISA advisory mentions. See full methodology →
Reference Data
Sources & evidence
All findings trace to publicly verifiable primary sources - US government databases, official FCC filings, and NIST CVE records. No proprietary or anonymous sources are used.
Full data source documentation: Scoring Methodology & Citations →