An unpatched security vulnerability in Shark robot vacuums lets attackers steal a single client certificate from one device and use it to run root commands on other Shark vacuums across the same Amazon Web Services region. The flaw exposes live camera feeds, stored home maps, and Wi-Fi credentials held in plaintext, affecting millions of devices. The researcher who discovered the issue, publishing under the handle tokay0, went public on Monday after reporting it to SharkNinja on March 1.

What You Need to Know

An unpatched security flaw in Shark robot vacuums allows attackers to steal a single client certificate from one device and use it to command other Shark vacuums in the same AWS region. This exposes live camera feeds, stored home maps, and Wi-Fi credentials stored in plaintext. The vulnerability requires a cloud-side fix from SharkNinja, not a firmware update. The researcher reported the issue in March, but SharkNinja has not yet deployed a patch.

How the Certificate Flaw Works

The root cause is an over-permissive AWS IoT policy. The certificate that a Shark vacuum uses to authenticate to Amazon's cloud broker was never restricted to the device carrying it. A certificate pulled from one unit can subscribe to fleet-wide traffic and publish commands addressed to any device the broker serves. Those commands travel in an Exec_Command field inside the per-device state document AWS keeps in the cloud, and a management daemon on the vacuum passes anything under 1,000 bytes from it to a shell.

The researcher tested the technique only on units he bought himself, including a cross-model reverse shell on an AV1102ARUS Shark IQ Robot Vacuum XL. He then used that access to pull a live feed off the robot's onboard camera. Watching a single AWS region for 24 hours, he counted 1,517,605 unique Shark serial numbers, of which 673,816, or 44%, replied to a command probe. Those are devices observed responding, not devices he tested or compromised. Certificates are pinned to their AWS region, so a key lifted in one region only reaches devices in that region.

  • Live camera feeds: Attackers can view real-time video from the vacuum's onboard camera.
  • Stored home maps: Floor plans of the user's home are accessible.
  • Wi-Fi credentials: Network passwords are stored in plaintext on the device.

Timeline and Response

tokay0 says SharkNinja acknowledged his report on March 12, told him on April 27 that it was under review, and on July 3 promised a completion date by July 10 that never arrived. He also says the company downplayed the severity and questioned whether a CVE was warranted, despite a published disclosure policy that commits SharkNinja to provide regular updates until the vulnerability is resolved. The company had posted nothing on the flaw as of July 16.

Remediation in this scenario does not require a firmware update. Per Amazon, a non-compliant IoT policy is fixed by pushing a scoped version inside the operator's own AWS account until SharkNinja rescopes the policy or reissues the certificates.

Why This Matters

This vulnerability is part of a troubling pattern in smart home security. Cloud-side failures, where a backend fails to scope device access, have driven a run of robot-vacuum breaches. In February, a similar authorization flaw exposed roughly 6,700 DJI Romo vacuums, handing out camera feeds, audio, and floor plans. DJI patched that issue within weeks. The SharkNinja flaw is far larger in scale, with the researcher observing over 1.5 million unique serial numbers in a single AWS region.

For consumers, the risk is significant. An attacker could silently monitor a home, learn its layout, and gain access to the home Wi-Fi network. The lack of a patch more than four months after disclosure raises questions about SharkNinja's commitment to security. The incident also fuels interest in fully offline robot vacuum designs, which eliminate cloud-side attack surfaces entirely. Until SharkNinja resolves the issue, owners of these vacuums have no way to protect themselves beyond disconnecting the device from the internet.