IoT

Shark robot vacuums vulnerable to remote command execution

The Hacker News reports that a critical vulnerability has been discovered in Shark robot vacuums, potentially allowing attackers to gain root access and control other devices in the same AWS region.

A researcher, known as tokay0, detailed how a flawed policy attached to a certificate on Shark RV2320EDUS robot vacuums enables attackers to execute root commands on other Shark vacuums. By extracting a certificate from a vacuum, an attacker can bypass security measures and send commands to any device served by Shark's cloud broker. This allows for actions such as accessing the vacuum's camera feed, controlling its movement, reading house maps, and stealing Wi-Fi passwords.

The vulnerability stems from a policy that is not scoped to the specific device, a known critical issue flagged by AWS IoT Device Defender. Despite the researcher reporting the flaw to SharkNinja in March, the company has not yet released a patch, leaving millions of devices potentially exposed. The fix is server-side and does not require a firmware update, but until it is implemented, the only mitigation for users is to disconnect their vacuums from Wi-Fi.

Source: The Hacker News

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds