Introduction
A single set of MQTT credentials, hard coded into the Yarbo mobile app and shared across every user and every device on the planet, gave anyone with a copy of the APK the ability to monitor and command an entire fleet of autonomous yard robots. With over 50,000 Yarbo units deployed across 30+ countries, the exposure window covered lawn mowers, snow blowers, and blowers: machines with spinning blades and significant physical force that a remote attacker could set in motion.
Yarbo Inc. is a robotics company founded in 2015 that manufactures modular autonomous yard care robots. Originally launched as Snowbot, the company rebranded in 2022 and has since expanded into lawn mowing, leaf blowing, and trimming. Yarbo reports more than 10,000 users globally and has received recognition including the Red Dot Design Award and CES Innovation Awards, placing it among a growing class of consumer IoT companies where software security directly intersects with physical safety.
CVE-2026-10557, disclosed in CISA Industrial Control Systems Advisory ICSA-26-162-01 on June 11, 2026, carries a CVSS v3.1 score of 9.8 (Critical) and a CVSS v4.0 score of 9.3 (Critical). The vulnerability was reported by Markus Lassfolk of Truesec.
Technical Information
Root Cause: CWE-798 (Use of Hard-coded Credentials)
The Yarbo Android and iOS mobile applications contained MQTT broker credentials stored as plaintext string constants in the application binary. These were not per-user tokens or dynamically provisioned secrets. They were a single username/password pair, identical across every installation of the app worldwide. Any user, or any attacker, who decompiled the APK using freely available tools like apktool or jadx could extract them in minutes.
Once extracted, these credentials authenticated the holder to Yarbo's cloud MQTT brokers, which serve as the central communication backbone for the entire robot fleet. The brokers carry real time telemetry (location, operational status, sensor readings, device serial numbers) and accept command messages that control physical robot behavior.
The Compounding Factor: CVE-2026-7368 (Missing Authorization)
CVE-2026-10557 does not exist in isolation. It is compounded by CVE-2026-7368 (CWE-862, CVSS v3.1: 8.1, CVSS v4.0: 8.6), which describes the complete absence of per-device or per-user authorization on the cloud MQTT broker. Together, these two vulnerabilities form a single exploitation chain:
| CVE ID | CWE | CVSS v3.1 | Vulnerability Type | Affected Component |
|---|---|---|---|---|
| CVE-2026-10557 | CWE-798 | 9.8 (Critical) | Hard-coded Credentials | Yarbo Mobile App (< v3.17.4) |
| CVE-2026-7368 | CWE-862 | 8.1 (High) | Missing Authorization | Yarbo Cloud MQTT Infrastructure |
The hard-coded credentials provide the initial access. The missing authorization ensures that access is not scoped to a single device or user but instead spans the entire fleet.
Attack Flow
The exploitation chain proceeds through four steps, none of which require specialized tooling or advanced expertise:
Step 1: Credential Extraction. The attacker obtains the Yarbo Android APK from any app store mirror or directly from a device. Using standard decompilation tools, the attacker locates the MQTT broker username and password embedded as plaintext strings in the binary. No obfuscation or encryption protects these values.
Step 2: Broker Authentication. The attacker uses the extracted credentials to connect to the Yarbo cloud MQTT broker using any standard MQTT client. Because the credentials are universal, the same values work regardless of which user account or device originally installed the app.
Step 3: Fleet-Wide Telemetry Subscription. With an authenticated MQTT session and no broker-side authorization checks (CVE-2026-7368), the attacker issues a wildcard subscription (e.g., yarbo/# or an equivalent topic pattern) to receive real time telemetry from every connected Yarbo robot globally. This telemetry includes GPS location data, operational status, sensor readings, and critically, device serial numbers.
Step 4: Command Injection. Armed with a target robot's serial number (harvested from the telemetry stream), the attacker publishes MQTT messages to that robot's command topic. The only identifier required to target a specific robot is its serial number. This enables remote initiation of physical operations: starting or stopping mowing cycles, changing direction, activating blades, or triggering other mechanical actions.
Severity Assessment
The CVSS v3.1 vector string AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H captures the worst case profile: the attack is network accessible, requires low complexity, demands no privileges and no user interaction, and achieves high impact across all three CIA triad dimensions. The CVSS v4.0 vector CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N reinforces this under the newer scoring methodology.
Physical Safety Implications
Security researcher Andreas Makris independently demonstrated that remote hijacking of Yarbo robots translates directly to physical harm. Makris published findings in May 2026 showing that attackers could harvest WiFi passwords from Yarbo devices, access robot cameras, and take full operational control. To prove the physical danger was not theoretical, Makris commanded a Yarbo lawn mower to run him over. The Verge reported on Yarbo's subsequent promise to address the vulnerabilities.
Patch Information
The remediation for CVE-2026-10557 is a two-pronged fix, one part client-side and one part server-side, reflecting the dual nature of the flaw.
Client-Side Fix: Mobile App v3.17.4
Yarbo released mobile application version 3.17.4 for both Android and iOS. The CVE.org record explicitly marks all versions prior to 3.17.4 as affected (affected from 0 before 3.17.4), confirming this is the minimum safe version. This update strips the shared, hard-coded MQTT credentials from the application binary entirely. In earlier versions, these credentials were identical across all users and all devices, meaning anyone who decompiled the APK or inspected the iOS bundle could extract them. Version 3.17.4 removes this embedded secret so that new installations and updated apps no longer carry the universal key to Yarbo's MQTT brokers.
It is important to understand what this app update alone does not fix. Removing the embedded credential stops new extractions from the app, but if the credentials had already been extracted from an older version, the server-side infrastructure also needed to stop honoring them.
Server-Side Fix: May 2026 Cloud Update
Yarbo deployed a server-side update to their cloud MQTT infrastructure in May 2026 that enforces broker-level authorization. According to CISA advisory ICSA-26-162-01, this update required no user action and was applied automatically to the cloud backend. The key changes include adjusting MQTT topic permissions to eliminate fleet-level shared access, limiting the scope of each credential so that wildcard subscriptions across the entire global fleet are no longer possible, and establishing stricter boundaries around command topics.
Yarbo's own security update page (authored by co-founder Kenneth Kohlmann) provides further detail on the server-side work: replacing the historical shared-password model with device-level independent credentials via OTA updates, building a credential management service where device passwords are dynamically derived from device identity rather than hardcoded, and adding audit logging for operational access. The page describes several items as already completed, including resetting device root passwords and closing unauthenticated endpoints, while others such as per-device credential rotation and full audit trail implementation were still in progress at the time of publication.
Both patches are essential. The app update eliminates the credential supply problem (no more secrets in the binary), while the broker update addresses the credential trust problem (even a previously valid credential can no longer roam the entire fleet). Users must update their Yarbo app to 3.17.4 or later to be fully remediated on the client side; the server-side protections take effect regardless of user action.
Affected Systems and Versions
The following components are affected:
- Yarbo Android Mobile Application: All versions prior to 3.17.4
- Yarbo iOS Mobile Application: All versions prior to 3.17.4
- Yarbo Cloud MQTT Infrastructure: All versions prior to the May 2026 server-side update (CVE-2026-7368)
The vulnerability affects the entire deployed base of Yarbo robots that communicate through the cloud MQTT infrastructure, which Yarbo reports as over 50,000 units across 30+ countries. All Yarbo product lines that use the mobile app for control are implicated, including the Yarbo Snow Blower, Yarbo Lawn Mower, Yarbo Lawn Mower Pro, Yarbo Blower, and Trimmer Package.
Vendor Security History
The 2026 disclosure cycle for Yarbo reveals a pattern of systemic security weaknesses rather than isolated incidents. Four CVEs were disclosed by three independent research groups within approximately two months:
| CVE ID | Description | Discoverer | Severity |
|---|---|---|---|
| CVE-2026-7413 | Persistent undocumented backdoor in Yarbo firmware v2.3.9 | AHA! (Austin Hackers Anonymous) | Critical |
| CVE-2026-7415 | Open MQTT orchestration without read/write ACLs in firmware v2.3.9 | AHA! (Austin Hackers Anonymous) | Critical |
| CVE-2026-10557 | Hard-coded MQTT credentials in mobile app | Markus Lassfolk (Truesec) | Critical (9.8) |
| CVE-2026-7368 | Missing authorization in cloud MQTT infrastructure | Markus Lassfolk (Truesec) | High (8.1) |
The AHA! discovery of CVE-2026-7413 is particularly notable: a persistent, undocumented backdoor in production firmware cannot easily be explained as a simple coding oversight. It implies either a deliberate design decision (e.g., a debug or diagnostic backdoor left in production) or a complete absence of code review processes.
Separately, Andreas Makris disclosed a distinct set of vulnerabilities in May 2026 covering WiFi password harvesting, camera access, and full remote hijacking of Yarbo robots. Yarbo responded publicly on May 8, 2026 with a detailed pledge to fix the issues, as reported by The Verge.
Following the May 2026 disclosures, Yarbo established a dedicated Security Center on its website with a vulnerability disclosure policy and contact point. However, the Security Center does not mention any third-party security audits, penetration testing programs, or security certifications, which are standard practices for IoT device manufacturers handling safety-critical products.
The breadth of these findings, spanning the mobile application, cloud infrastructure, and device firmware, and the fact that they were found by multiple independent researchers in a short window, suggests that Yarbo's product development lifecycle has lacked a structured security development lifecycle (SDL). The patches released address the immediate exposure, but without fundamental changes to the development process, further vulnerabilities in this expanding product line remain likely.
References
- CISA Advisory ICSA-26-162-01: Yarbo Android/iOS Mobile Application and Cloud Infrastructure
- NVD: CVE-2026-10557
- CVE Record: CVE-2026-10557
- CISA CSAF Advisory File (JSON)
- CISA CSAF GitHub Repository
- WindowsForum: Hard-Coded MQTT Secrets and Weak Authorization Risk Fleet Control
- Yarbo Security Update Regarding Remote Diagnostic Systems
- Yarbo Security Center
- Malwarebytes: Yarbo Responds to Robot Flaws That Could Mow Down Their Owners
- The Verge: Yarbo's Promise to Fix the Robot Mower That Ran Over a Researcher
- Yarbo Forum: Security Breach / Backdoor Into All Yarbo Cores
- AHA!: CVE-2026-7415
- GitHub Advisory: GHSA-5jxr-5v22-49gf
- Yarbo About Us



