VYPR
advisoryPublished Jul 16, 2026· 1 source

Shark Robot Vacuums Vulnerable to Regional Control, Data Theft

A critical flaw in Shark RV2320EDUS robot vacuums allows attackers to hijack other vacuums in the same AWS region, enabling camera control, data theft, and Wi-Fi credential harvesting.

A significant security vulnerability has been discovered in Shark RV2320EDUS robot vacuums, potentially allowing attackers to gain control over other vacuums within the same Amazon Web Services (AWS) region. The flaw, which remains unpatched, stems from an improperly scoped certificate policy that, when exploited, enables an attacker to execute root commands on affected devices.

The researcher who identified the vulnerability, operating under the handle tokay0, detailed the exploit mechanism online. By physically extracting the device's certificate from the vacuum's mainboard—a process requiring minimal effort involving a screwdriver and access to exposed UART pins—an attacker can gain a root shell. This shell provides access to the device's private key and certificate, which are stored as plain files. The critical issue lies in the certificate's associated policy, which was not adequately restricted to the specific device it belonged to.

When this compromised certificate is presented to Shark's cloud broker, the broker erroneously accepts any command published under it, regardless of the intended recipient. This allows an attacker to subscribe to traffic across various devices within the AWS region and identify target vacuums. The exploit leverages the AWS IoT device shadow mechanism, specifically the Exec_Command field within a device's state document. By sending a shadow update containing a malicious command to a target device's topic, an attacker can trigger the execution of arbitrary code, limited only by a 1,000-byte payload size.

The potential impact is far-reaching. An attacker could control the vacuum's camera feed, manipulate its movement, access sensitive household maps generated by the device, and even steal Wi-Fi credentials in plaintext. The researcher demonstrated the cross-model exploit by successfully landing a reverse shell on an AV1102ARUS model and using it to capture live camera footage while the vacuum navigated. This highlights that the vulnerability is not confined to a single model, as the flawed policy can affect multiple Shark vacuum types.

SharkNinja, the parent company of Shark and Ninja appliances, was reportedly notified of the vulnerability in March. However, as of the researcher's public disclosure in July, the flaw remained unpatched, and no CVE identifier had been assigned. The researcher noted that SharkNinja had downplayed the severity of the issue and questioned the appropriateness of a CVE. This lack of a formal identifier complicates vulnerability management for organizations and end-users.

AWS's own IoT security services, such as Device Defender, are designed to flag such overly permissive policies. The IOT_POLICY_OVERLY_PERMISSIVE_CHECK alert specifically warns about policies granting broad access to $aws/things/* topics instead of restricting them to the connecting device. The presence of such a critical alert indicates a known security risk that was apparently not adequately addressed in the affected Shark devices.

The researcher estimated that millions of Shark serial numbers are present in AWS, with a significant percentage observed to be running the command handler. While not all are confirmed targets or compromised, the data suggests a widespread potential for exploitation. The fix for this vulnerability is server-side, requiring SharkNinja to reissue certificates with properly scoped policies, rather than a user-installable firmware update. Until then, the only effective mitigation for consumers is to disconnect their vacuums from Wi-Fi, disabling smart features and remote control capabilities.

This incident underscores the growing security risks associated with internet-connected smart home devices. The ability for a single, unpatched flaw to grant regional control and access to sensitive data, including network credentials, highlights the critical need for robust security practices throughout the product lifecycle, from design and manufacturing to ongoing maintenance and patching.

Synthesized by Vypr AI