DJI

Incidents involved as both Developer and Deployer

Incident 13891 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums

2026-02-08

A software engineer reportedly used an AI coding assistant while attempting to reverse-engineer his DJI robot vacuum so he could control it with a video game controller. In the course of that work, he reportedly said he discovered that credentials used to communicate with DJI's cloud servers could also grant access to data associated with nearly 7,000 other vacuums across 24 countries, including live camera feeds, microphone audio, maps, and status information.

Related Entities

DJI Romo owners

Incidents Harmed By

Incident 1389
1 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums

DJI Romo

Incidents implicated systems

Incident 1389
1 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums

DJI Home app

Incidents implicated systems

Incident 1389
1 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums

DJI cloud servers

Incidents implicated systems

Incident 1389
1 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums

In-home sensor data

Incidents implicated systems

Incident 1389
1 Report
DJI Romo Cloud Authorization Bug Reportedly Exposed Camera, Microphone, and Home-Mapping Data From Nearly 7,000 Robot Vacuums