DJI Romo Cloud authorization bug exposes 7,000 robot vacuums

A backend permission validation error in DJI's cloud servers allowed unauthorized access to thousands of DJI Romo robot vacuums. The vulnerability exposed live camera feeds, microphone audio, and home maps to any authenticated user.

DJI · Incident Feb 8, 2026 · Indexed Jun 16, 2026 · 2 sources

Once you’re an authenticated client on the MQTT broker, if there are no proper topic-level access controls (ACLs), you can subscribe to wildcard topics and see all messages from all devices in plaintext at the application layer.
What: A backend permission validation error in DJI's cloud servers allowed unauthorized access to thousands of DJI Romo robot vacuums.
Incident date: Feb 8, 2026
Who: DJI
Failure mode: Data Leakage
AI surface: Autonomous System
Severity: High

What happened

A researcher discovered that a single private token could access data from nearly 7,000 DJI Romo vacuums across 24 countries. The exposure included live video, audio, and detailed 2D floor plans of users' homes. DJI deployed an automatic patch in early February 2026 to resolve the issue.

What broke inside the model

Failure path · mode profile · Data Leakage
  1. Trigger: A request triggers retrieval or context loading.
  2. Model step: The context pulls in another user's content.
  3. Control gap: No boundary enforces isolation at the moment of output.
  4. Failure: Private data crosses into the response.
  5. Consequence: One user sees another's data, and disclosure follows.

One user's content crosses the retrieval boundary into another's response.

The system failed to implement proper topic-level access controls (ACLs) on its MQTT brokers. This allowed authenticated clients to use wildcard subscriptions to receive data packets from any device on the network.
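The missing control described above is a topic-level authorization check on SUBSCRIBE. The following is an added illustration, not DJI's code or any broker's, showing what such a check looks like for a fleet whose topics follow an assumed layout of `devices/<device_id>/<channel>`: the broker asks `authorize_subscribe` before accepting a filter, and any filter that could match a device the account does not own is refused. The fleet, usernames and device ids are constructed sample data. `reachable_devices` shows the difference the check makes: without it a wildcard filter reaches every device's topic; with it the same filter reaches none.

```python
"""Topic-level ACL check for an MQTT broker in front of a device fleet.

Assumed topic layout (constructed for this example, not DJI's):
    devices/<device_id>/<channel>      e.g. devices/romo-0001/camera
A broker would call authorize_subscribe() on every SUBSCRIBE packet.
"""
from dataclasses import dataclass, field


@dataclass(frozen=True)
class Client:
    username: str
    devices: frozenset = field(default_factory=frozenset)  # device ids the account owns


# Constructed sample fleet: device id -> owner username.
FLEET = {
    "romo-0001": "alice",
    "romo-0002": "alice",
    "romo-0003": "bob",
    "romo-0004": "carol",
}


def topic_matches(filter_: str, topic: str) -> bool:
    """MQTT topic-filter matching: '+' matches one level, '#' matches the remainder."""
    f_levels = filter_.split("/")
    t_levels = topic.split("/")
    for i, f in enumerate(f_levels):
        if f == "#":
            return True  # '#' absorbs every remaining level (and the parent itself)
        if i >= len(t_levels):
            return False
        if f != "+" and f != t_levels[i]:
            return False
    return len(f_levels) == len(t_levels)


def authorize_subscribe(client: Client, filter_: str) -> bool:
    """Allow a filter only if every topic it can match belongs to the client.

    The device-id level must be a literal id owned by the client. A wildcard
    there ('+' or '#') would match other accounts' devices, so it is denied.
    Malformed filters ('#' not last, wildcards embedded in a level) are denied too.
    """
    levels = filter_.split("/")
    if "#" in levels[:-1]:
        return False
    for level in levels:
        if level not in ("+", "#") and ("+" in level or "#" in level):
            return False
    if len(levels) < 2 or levels[0] != "devices":
        return False
    device = levels[1]
    if device in ("+", "#"):
        return False
    return device in client.devices


def reachable_devices(client: Client, filter_: str, acl_enforced: bool) -> set:
    """Devices whose 'camera' topic this filter would deliver to the client."""
    if acl_enforced and not authorize_subscribe(client, filter_):
        return set()
    return {d for d in FLEET if topic_matches(filter_, f"devices/{d}/camera")}


if __name__ == "__main__":
    alice = Client("alice", frozenset(d for d, owner in FLEET.items() if owner == "alice"))
    for enforced in (False, True):
        seen = reachable_devices(alice, "devices/#", enforced)
        print(f"ACL enforced={enforced}: 'devices/#' reaches {sorted(seen)}")
```

The check is deliberately structural: it reasons about what a filter *can* match rather than about the messages that later flow, so it holds regardless of how many devices join the fleet. Brokers such as Mosquitto support equivalent per-user topic patterns in their ACL configuration; the point is that the broker, not the client, decides the subscription scope.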

Public visibility: High
Regulatory exposure: Possible
Customer impact: Many customers
Financial impact: Unknown
Time to disclosure: Days
  1. Press: The DJI Romo robovac had security so poor, this man remotely accessed thousands of them (theverge.com)
  2. Press: Man accidentally gains control of 7,000 robot vacuums (popsci.com)
Permalink: https://failureindex.ai/failures/dji-romo-cloud-authorization-bug-exposes
Citation: AI Failure Index. "DJI Romo Cloud authorization bug exposes 7,000 robot vacuums" (FI-0555). Realm Labs. https://failureindex.ai/failures/dji-romo-cloud-authorization-bug-exposes (indexed Jun 16, 2026).

Data fields CC-BY 4.0, prose citation permitted. Incident ID FI-0555. Full dataset at /data.

Note from Realm Labs, the Index steward

How Realm fits

Controls for this failure mode
  • Prism
  • OmniGuard
  • AI Detection & Response (AIDR)

This entry sits in the index's predictive wing: a system that scores, ranks, perceives, or steers rather than generates. Realm's runtime layer is built for the generative and agentic systems now moving into these same decision seats, where it watches a model's internal state and holds an unsupported claim or an unchecked action before it commits. The control gap on this record, an automated decision that reached people with no runtime check in front of it, is the same gap. The index keeps predictive failures on the record because the pattern carries straight into the systems shipping today.