Key Takeaways
- A DJI Romo user exploited a security flaw to access 7,000 robovacs globally.
- DJI says the reported vulnerabilities are resolved and that further fixes are ongoing.
- Concerns about security protocols and data privacy continue to surround DJI amidst another undisclosed issue.
Security Flaw Exposed in DJI Romo Robovac
A serious security vulnerability in the DJI Romo, the company’s first robot vacuum, was recently revealed by owner Sammy Azdoufal. While attempting to connect his PS5 controller to the device, Azdoufal inadvertently gained control of approximately 7,000 robovacs worldwide. His remote control application, developed with assistance from Claude Code, exploited basic security flaws in DJI’s servers.
The breach provided Azdoufal with extensive access, allowing control of these robovacs and enabling him to view their video feed, audio streams, and even 2D floor plans of the homes where they were located. Additionally, he accessed IP addresses, which could reveal the approximate locations of the affected properties. It appears the security token used by Azdoufal to confirm his ownership was sufficient to grant unauthorized access to a vast number of other devices.
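The paragraph above describes a token that proves one owner's identity being accepted for devices that owner does not own. The following is an added example, not DJI's code and not taken from the source article, that contrasts a server check that only validates the token with one that also binds the token's account to the requested device. The key, account names, device IDs and function names are all constructed for illustration.

```python
import hashlib
import hmac

SERVER_KEY = b"constructed-demo-key"  # constructed; a real service loads this from a secrets store

# Constructed ownership table: the account each device is registered to.
DEVICE_OWNER = {"vac-001": "alice", "vac-002": "bob", "vac-003": "carol"}

def _sign(account: str) -> str:
    return hmac.new(SERVER_KEY, account.encode(), hashlib.sha256).hexdigest()

def issue_token(account: str) -> str:
    """Hypothetical token format: '<account>.<hex HMAC of account>'."""
    return f"{account}.{_sign(account)}"

def authenticate(token: str):
    """Return the account name if the signature verifies, else None."""
    account, _, sig = token.rpartition(".")
    if not account:
        return None
    # Constant-time comparison on bytes avoids timing leaks and str type errors.
    ok = hmac.compare_digest(sig.encode(), _sign(account).encode())
    return account if ok else None

def weak_authorize(token: str, device_id: str) -> bool:
    """Flawed: any valid token is accepted for any existing device."""
    return authenticate(token) is not None and device_id in DEVICE_OWNER

def strict_authorize(token: str, device_id: str) -> bool:
    """Hardened: the token's account must be the device's registered owner."""
    account = authenticate(token)
    return account is not None and DEVICE_OWNER.get(device_id) == account

def audit(token: str, device_ids):
    """Devices the weak check exposes to this token but the strict check refuses."""
    return [d for d in device_ids
            if weak_authorize(token, d) and not strict_authorize(token, d)]

if __name__ == "__main__":
    alice = issue_token("alice")
    print("exposed under weak check:", audit(alice, list(DEVICE_OWNER)))
```

Running an `audit`-style comparison against a staging backend with a test account is a quick regression check that every device-scoped endpoint enforces ownership, not just authentication.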
This incident raises significant concerns regarding the security measures implemented by DJI. Although the company has reportedly patched the vulnerability and confirmed that remediation efforts began prior to public acknowledgment of the issue, the fact that such an oversight occurred in the first place is alarming.
Amid ongoing scrutiny, new DJI products are currently banned in the U.S. due to concerns surrounding security protocols and possible data collection practices linked to the Chinese government. This latest security breach is unlikely to alleviate fears about potential spying or unauthorized data access.
Moreover, another serious security issue with the DJI Romo has surfaced, though The Verge has chosen not to disclose specific details. DJI has indicated that this second issue will be addressed within weeks, further complicating the public’s perception of the brand’s reliability.
This incident underscores a broader pattern of inadequate security measures in smart-home devices. As consumer trust hangs in the balance, potential buyers of robotic vacuums may want to reconsider their options, particularly regarding security features. DJI has been contacted for an official statement about the findings reported by The Verge, and updates will be provided as more information becomes available.
The content above is a summary. For more details, see the source article.