Product
A researcher discovered an unpatched vulnerability in Shark RV2320EDUS robot vacuums that allows an attacker with physical access to extract an overly permissive AWS IoT certificate, enabling region-wide remote command execution and data theft on other Shark vacuums.