A few days ago, a DIY enthusiast trying to control his DJI Romo robot vacuum with a PS5 game controller accidentally uncovered a serious security vulnerability. Roughly 6,700 of these robots worldwide were exposed to unauthorized access, which allowed an outsider to view live camera footage, obtain 2D floor plans of the home, and even determine where the devices were located.
After The Verge reported the incident, DJI responded officially, saying it had finished patching the vulnerability.

The vulnerability was discovered by Sammy Azdoufal. He told the media that his original aim was simply to drive his newly bought DJI Romo with a PS5 controller, so he used Claude Code to reverse engineer the communication protocol between the robot and DJI's servers and built a homemade remote-control application.
To his surprise, once the app connected to the server its access went far beyond his own device. He had extracted only the private token for his own robot, yet the server answered with data from roughly 7,000 Romo units around the world.
A reporter from The Verge watched a live demonstration of the vulnerability. Within nine minutes, Azdoufal's computer had logged 6,700 DJI devices in 24 countries and collected more than 100,000 device messages, including device serial numbers, which rooms had been cleaned, what the cameras had seen, distance driven, charging time and obstacles encountered.
Image: two maps of Thomas's living space. The top is the map obtained from the DJI server without authenticating as the owner; the bottom is the map the homeowner sees in his phone app.
The Verge's reporter wrote: "With just the 14-digit device serial number provided by my colleague Thomas Ricker, I could accurately check the status of the robot cleaning the living room and its remaining 80% battery, and also obtain an accurate floor plan of my colleague's home."

In addition, he was able to bypass his own robot's security PIN to view live footage, and he shared a read-only version of the application with Gonzague Dambricourt, CTO of a French IT consulting firm, who could remotely view his Romo's camera feed without ever pairing with the device.
Azdoufal stressed that he did not break into DJI's servers. "I did not violate any rules, crack or brute force any system." The private token he extracted for his own device, which should have served only as proof that he was authorized to access that one robot, was instead treated by DJI's server as a general-purpose credential, and so it exposed data from thousands of devices worldwide.
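The failure mode Azdoufal describes, a credential that proves one device's identity being accepted as authorization to read every device, is a textbook broken object-level authorization bug. The mock below is added here for illustration and is not DJI's code or protocol; the token format, the endpoint shape and the sample fleet are assumptions made for the example. The vulnerable handler checks only that the token is genuine and then serves whatever serial the client names, so one valid device token enumerates the whole fleet; the fixed handler serves only the serial the token is bound to.

```python
"""
Generic illustration of a per-device token being accepted as a fleet-wide
credential.  Not DJI's code or protocol: the token format, the handler shape
and the sample fleet below are assumptions made for this example.
"""
import hashlib
import hmac
import secrets

SERVER_KEY = secrets.token_bytes(32)  # constructed server-side signing key

# Constructed sample fleet (serial -> per-device data); not real devices.
FLEET = {
    "ROMO00000000001": {"owner": "alice", "battery": 80, "room": "living room", "map": "floorplan-A"},
    "ROMO00000000002": {"owner": "bob", "battery": 45, "room": "kitchen", "map": "floorplan-B"},
}


def issue_device_token(serial: str) -> str:
    """Mint a per-device token: the serial plus an HMAC tag over it (assumed format)."""
    tag = hmac.new(SERVER_KEY, serial.encode(), hashlib.sha256).hexdigest()
    return f"{serial}.{tag}"


def _parse_token(token: str):
    """Return the serial the token was minted for, or None if the tag is invalid."""
    try:
        serial, tag = token.split(".", 1)
    except ValueError:
        return None
    expected = hmac.new(SERVER_KEY, serial.encode(), hashlib.sha256).hexdigest()
    return serial if hmac.compare_digest(tag, expected) else None


def get_status_vulnerable(token: str, requested_serial: str) -> dict:
    """
    Broken object-level authorization: the server verifies that the token is
    genuine, then serves whichever serial the client asked for.  The token's
    own serial is never compared with the requested one.
    """
    if _parse_token(token) is None:
        raise PermissionError("invalid token")
    if requested_serial not in FLEET:
        raise KeyError("unknown device")
    return FLEET[requested_serial]


def get_status_fixed(token: str, requested_serial: str) -> dict:
    """
    Hardened: the only object the caller may read is the one bound to the
    token.  Unknown and unauthorized serials get the same error so a valid
    token cannot be used to enumerate which serials exist.
    """
    bound_serial = _parse_token(token)
    if bound_serial is None:
        raise PermissionError("invalid token")
    if not hmac.compare_digest(bound_serial.encode(), requested_serial.encode()):
        raise PermissionError("not authorized for this device")
    if requested_serial not in FLEET:
        raise PermissionError("not authorized for this device")
    return FLEET[requested_serial]


def can_read(handler, token: str, serial: str) -> bool:
    """True if the handler returns data for this serial with this token."""
    try:
        handler(token, serial)
        return True
    except (PermissionError, KeyError):
        return False


def enumerate_fleet(handler, token: str) -> list:
    """Try every serial with a single device's token; list the ones it can read."""
    return [serial for serial in FLEET if can_read(handler, token, serial)]


if __name__ == "__main__":
    alice_token = issue_device_token("ROMO00000000001")
    print("vulnerable handler exposes:", enumerate_fleet(get_status_vulnerable, alice_token))
    print("fixed handler exposes:     ", enumerate_fleet(get_status_fixed, alice_token))
```

The server-side check that matters is the comparison between the serial embedded in the token and the serial in the request; a signature check alone only proves the token was issued by the server, not that its holder may read the object being asked for. Note too that the fixed handler answers "not authorized" for unknown serials, since a distinguishable "not found" would let a single valid token confirm which of the 14-digit serials are live.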
He also said that he wiped all collected data each time he closed the tool and did not abuse the flaw to intrude on other people's privacy.