Thousands of Yarbo robotic lawnmowers worldwide have been found to have a critical security flaw, allowing remote access through identical default administrator credentials, based on information published by Tech Radar.Security researcher Andreas Makris discovered that Yarbo robotic lawnmowers, which operate in over 30 countries and are equipped with cameras, GPS, and AI mapping, used the same default passwords. This vulnerability allowed Makris to access owner email addresses, Wi-Fi passwords, and precise GPS locations, even demonstrating the ability to remotely hijack a 200-pound mower. The Linux-based devices, functioning like internet-connected computers, could theoretically be weaponized by hackers to activate blades, scan networks, or form botnets. The risk is amplified for mowers located near critical infrastructure, such as power plants.Yarbo, with ties to China and a New York headquarters, has acknowledged the flaws and implemented fixes including disabling remote diagnostic tunnels and resetting passwords. However, concerns remain about the retention of manufacturer remote access, which critics describe as a backdoor, based on information published by Tech Radar.Source: Tech Radar
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds




