Robotic Vacuums May Hoover Your Data

  /     /     /  
Publicated : 22/11/2024   Category : security


Robotic Vacuums May Hoover Your Data


Researchers have discovered a pair of vulnerabilities that allow unauthorized code execution in a robotic vacuum.



A robot vacuum cleaner sure makes cleaning floors easier, but it may also ease the load for those looking to eavesdrop on private conversations. Thats the conclusion of researchers at Positive Technologies, who found that they could compromise the Dongguan Diqee 360 robotic vacuum to turn it into a mobile surveillance device.
Researchers found a pair of vulnerabilities, one accessible to remote attackers and one that requires physical contact with the machine. The remote vulnerability would allow an outsider to gain superuser privileges on the device, giving them the ability to run unauthorized software. The physical contact vulnerability exploits the mechanism for doing firmware updates and allows an unauthorized user to insert a microSD card containing unauthorized code.
In either case, the unauthorized code could use the physical capabilities of the robot and spread laterally inside the network firewall to gain access to cameras and microphones. Then it could use the robot as a hub for distributing the information to the attacker or even turn the robotic vacuum into a node on a botnet.
Read
here
and
here
 for more.
 
 
 
Black Hat USA returns to Las Vegas with hands-on technical Trainings, cutting-edge Briefings, Arsenal open-source tool demonstrations, top-tier security solutions and service providers in the Business Hall. Click for information on the
conference
 and
to register.

Last News

▸ Hack Your Hotel Room ◂
Discovered: 23/12/2024
Category: security

▸ Website hacks happened during World Cup final. ◂
Discovered: 23/12/2024
Category: security

▸ Criminal Possession of Government-Grade Stealth Malware ◂
Discovered: 23/12/2024
Category: security


Cyber Security Categories
Google Dorks Database
Exploits Vulnerability
Exploit Shellcodes

CVE List
Tools/Apps
News/Aarticles

Phishing Database
Deepfake Detection
Trends/Statistics & Live Infos



Tags:
Robotic Vacuums May Hoover Your Data