Company Yarbo has issued an official response following a report detailing vulnerabilities in its robotic lawnmowers, which allowed unauthorized remote access and exposed user data. The company confirmed the findings of security researchers, apologized, and presented an action plan to correct the detected issues.
Technical measures: remote access suspended and root passwords under review 🔒
Yarbo has temporarily disabled remote access to devices while implementing security patches. Among the critical flaws identified is the use of identical root passwords for all robots, an error that allowed an attacker to take full control of any unit. The company assures it is working on a unique authentication system per device and will review its update protocols to prevent future exposures.
The rebellious lawnmower: now also leaks your data 🤖
Because it wasn't enough that the robot decided to prune the flowers instead of the lawn, now it turns out that anyone with a laptop and some time could spy on your conversations from the garden. Yarbo, at least, has had the decency to apologize before its machine becomes the neighborhood gossip. Of course, if your lawnmower starts whistling strange tunes, you'll know why.