<?xml version="1.0" encoding="utf-8" standalone="yes"?><rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/"><channel><title>Shark AV1102ARUS - CraftedSignal Threat Feed</title><link>https://feed.craftedsignal.io/products/shark-av1102arus/</link><description>Trending threats, MITRE ATT&amp;CK coverage, and detection metadata. Fed continuously.</description><generator>Hugo</generator><language>en</language><managingEditor>hello@craftedsignal.io</managingEditor><webMaster>hello@craftedsignal.io</webMaster><lastBuildDate>Thu, 16 Jul 2026 10:54:57 +0000</lastBuildDate><atom:link href="https://feed.craftedsignal.io/products/shark-av1102arus/feed.xml" rel="self" type="application/rss+xml"/><item><title>Unpatched Shark Vacuum Flaw Allows Region-Wide Remote Control and Data Theft</title><link>https://feed.craftedsignal.io/briefs/2026-07-unpatched-shark-vacuum-flaw/</link><pubDate>Thu, 16 Jul 2026 10:54:57 +0000</pubDate><author>hello@craftedsignal.io</author><guid isPermaLink="true">https://feed.craftedsignal.io/briefs/2026-07-unpatched-shark-vacuum-flaw/</guid><description>A researcher discovered an unpatched vulnerability in Shark RV2320EDUS robot vacuums that allows an attacker with physical access to extract an overly permissive AWS IoT certificate, enabling region-wide remote command execution and data theft on other Shark vacuums.</description><content:encoded><![CDATA[<p>A researcher operating under the handle tokay0 has publicly disclosed a critical vulnerability affecting SharkNinja's robot vacuum cleaners, specifically the RV2320EDUS model, which has remained unpatched since being reported to the vendor in March 2026. The flaw stems from an overly permissive AWS IoT certificate embedded in the device, which, when extracted, grants an attacker the ability to execute root commands, access camera feeds, read house maps, and exfiltrate Wi-Fi passwords in plaintext from other Shark vacuums within the same AWS region. This vulnerability does not rely on memory corruption or privilege escalation on the target device, but rather on the cloud broker accepting broad publish/subscribe actions from a compromised certificate. The researcher observed over 673,000 devices emitting an Exec_Response in a 24-hour period within one AWS region, indicating a wide potential impact on customers whose devices utilize the affected command handler.</p>
<h2 id="attack-chain">Attack Chain</h2>
<ol>
<li><strong>Physical Access:</strong> An attacker gains physical access to a vulnerable Shark RV2320EDUS robot vacuum.</li>
<li><strong>Credential Access (Device Root Shell):</strong> The attacker disassembles the vacuum, connects to UART pins on the mainboard, bypasses the U-Boot console password, and exploits a boot argument (<code>init=/bin/sh</code>) to obtain a root shell on the device.</li>
<li><strong>Credential Access (Certificate Extraction):</strong> From the root shell, the attacker extracts the per-device AWS IoT key and certificate files located at <code>/mnt/res/vapp/certs/</code>.</li>
<li><strong>Abuse of Cloud Identity:</strong> Using the extracted certificate, which possesses an overly permissive AWS IoT policy (allowing publish/subscribe on <code>$aws/things/#</code>), the attacker connects to SharkNinja's cloud broker.</li>
<li><strong>Discovery &amp; Targeting:</strong> The attacker subscribes to <code>$aws/things/#</code> via the broker to observe traffic and harvest serial numbers of other Shark vacuums operating in the same AWS region.</li>
<li><strong>Remote Code Execution:</strong> The attacker publishes a shadow update containing an <code>Exec_Command</code> field to the specific topic of a targeted Shark vacuum.</li>
<li><strong>Impact (Remote Control &amp; Data Exfiltration):</strong> The targeted vacuum's <code>appd</code> management daemon reads the <code>Exec_Command</code> field, which is executed via <code>popen</code>, providing the attacker with capabilities such as establishing a reverse shell, accessing live camera feeds, reading house maps, and exfiltrating plaintext Wi-Fi passwords.</li>
</ol>
<h2 id="impact">Impact</h2>
<p>The successful exploitation of this vulnerability would allow an attacker to remotely control affected Shark robot vacuums, leading to significant privacy and security compromises. Attackers could view sensitive household information through the vacuum's camera, map out the interior of homes, and steal Wi-Fi network credentials, potentially enabling further network intrusion. While the researcher tested on his own devices, the identified scope suggests that hundreds of thousands of Shark vacuums across a single AWS region could be vulnerable. SharkNinja has not yet patched the flaw or issued an official advisory, leaving devices exposed to these risks. The only current owner-side mitigation is to disconnect the vacuum from Wi-Fi, which disables app control and smart features.</p>
<h2 id="recommendation">Recommendation</h2>
<ul>
<li><strong>Monitor Vendor Advisories:</strong> Regularly check SharkNinja's official channels for an upcoming security advisory or patch regarding this vulnerability.</li>
<li><strong>Review IoT Device Policies:</strong> For organizations that manage IoT fleets, review AWS IoT Device Defender audit checks, specifically <code>IOT_POLICY_OVERLY_PERMISSIVE_CHECK</code>, to ensure device policies are properly scoped to <code>iot:Connection.Thing.ThingName</code> and not <code>aws/things/*</code>. This is a vendor-side fix, but awareness is crucial.</li>
<li><strong>Isolate or Disconnect Affected Devices:</strong> Until a vendor-supplied patch is available, end-users should consider disconnecting affected Shark vacuums, such as the Shark RV2320EDUS and AV1102ARUS, from their Wi-Fi networks to prevent remote exploitation.</li>
</ul>
]]></content:encoded><category domain="severity">critical</category><category domain="type">threat</category><category>iot-security</category><category>vulnerability</category><category>cloud-security</category><category>access-control</category><category>remote-code-execution</category></item></channel></rss>