Shark Vacuum AWS Cert Flaw Lets One Key Hijack an Entire Fleet's Root Shell
A stolen AWS certificate lets attackers run root commands on any Shark robot vacuum in the same cloud region, exposing cameras and Wi-Fi credentials.
A security researcher has shown that a client certificate pulled from a single Shark robot vacuum can be used to issue root commands on every other Shark unit sharing the same AWS IoT region. The researcher, who goes by tokay0, says he reported the issue to SharkNinja on March 1, but the flaw remains unpatched — and the fix lies entirely in SharkNinja's cloud configuration, not on the device itself.
The root cause is an over-permissive AWS IoT policy: certificates were never scoped to individual devices, so one lifted certificate can subscribe to fleet-wide traffic and publish commands via a field called Exec_Command, which an onboard management daemon blindly pipes to a shell if under 1,000 bytes. Testing only on units he owned, the researcher achieved a cross-model reverse shell on an AV1102ARUS Shark IQ Robot Vacuum XL and pulled a live feed from its camera. Monitoring one AWS region for 24 hours, he logged 1,517,605 unique serial numbers, 44% (673,816) of which responded to a command probe — devices observed, not devices he compromised.
SharkNinja acknowledged the report on March 12, said it was under review on April 27, and promised a fix by July 10 in a July 3 update — a deadline that passed unmet. The researcher says the company downplayed severity and questioned the need for a CVE, despite a disclosure policy pledging regular updates. A comparable DJI Romo vacuum flaw was patched within weeks in February, earning its finder a $30,000 bounty — underscoring how cloud-side authorization failures keep recurring across the robot vacuum industry.