Search
Recently, a DIY enthusiast accidentally triggered a security vulnerability while attempting to control a DJI Romo robotic vacuum cleaner with a PS5 controller, resulting in unauthorized access to approximately 6,700 devices of the same model worldwide. Attackers could view real-time camera footage, obtain 2D floor plans of homes, and even locate the devices. Samy Azouzoufar, the discoverer of the vulnerability, stated that he gained control over a large number of devices simply by extracting the private token from his own device, as DJI's servers mistakenly recognized it as having universal access rights. DJI has fixed the vulnerability through two updates—the first patch was deployed on February 8, with a subsequent update completed on February 10. The fixes were automatically deployed without requiring user action.
-
C114 Communication Network -
Communication Home
