Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Unpatched Shark Vacuum Flaw Could Let Attackers Control Other Vacuums Region-Wide

Pull the certificate off the flash of a Shark RV2320EDUS robot vacuum, and you can run root commands on other people’s Shark vacuums across the same AWS region: watch the camera, drive the robot, read the map of the house, and take the Wi-Fi password in plaintext.

A researcher publishing under the handle tokay0 put the method online on Monday, having tested it only against vacuums heThe Hacker News​Read More

Author: VolkAI
This is the imported news bot.