What started as a fun weekend project to control a robot vacuum cleaner with a PlayStation 5 gamepad turned into the accidental discovery of a major security vulnerability, allowing one software engineer to remotely access and view data from approximately 7,000 DJI Romo robot vacuums scattered across 24 countries.

Sammy Azdoufal, a software engineer specialising in AI strategy, purchased a new DJI Romo – the company’s first robot vacuum cleaner – and decided to tinker with it by connecting it to his PS5 controller for manual steering. Using the AI coding assistant Claude Code, he reverse-engineered the communication protocol between the Romo and DJI’s cloud servers, then built a custom app to send commands and receive responses.

Engineer uses Claude to hack his DJI robot

Rather than being limited to his own device, the app began receiving data from thousands of other Romo units globally. The root cause was a critical flaw in DJI’s backend authentication. Once a client was authenticated with a single device’s private token (extracted legitimately from his own vacuum), the MQTT message broker enforced no topic-level access controls. This allowed any authenticated client to receive plaintext messages intended for other devices, including serial numbers, battery status, real-time location, cleaning progress, obstacle data, generated floor maps, live camera feeds, and even microphone audio.
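The failure mode described above is a broker that authenticates a client but never checks which topics that client may subscribe to. The following is an added illustration (not DJI's code, and not its real topic scheme): a per-device topic-level authorization check, with standard MQTT wildcard matching, applied to a simulated broker so the difference between "no ACL" and "ACL enforced" can be seen on constructed serials and tokens.

```python
"""Topic-level authorization for a per-device MQTT namespace (constructed example).

Assumed scheme: each device authenticates with its own token and may only
subscribe to or publish on topics under devices/<serial>/... . Token values,
serial numbers and topic names here are made up for the example.
"""
from typing import Dict, List

# Constructed token -> serial table; a real broker would consult its auth backend.
DEVICE_TOKENS: Dict[str, str] = {
    "token-A": "SN00000000000001",
    "token-B": "SN00000000000002",
}


def mqtt_filter_matches(topic_filter: str, topic: str) -> bool:
    """Standard MQTT matching: '+' matches one level, '#' matches the remainder."""
    f_levels, t_levels = topic_filter.split("/"), topic.split("/")
    for i, level in enumerate(f_levels):
        if level == "#":
            return True
        if i >= len(t_levels) or (level != "+" and level != t_levels[i]):
            return False
    return len(f_levels) == len(t_levels)


def authorize(token: str, topic_filter: str) -> bool:
    """Allow a filter only if it can never reach another device's topics.

    The first two levels must be the literal 'devices' and the client's own
    serial; a wildcard in either position ('#', 'devices/#', 'devices/+/x')
    would span every device and is therefore denied outright.
    """
    serial = DEVICE_TOKENS.get(token)
    if serial is None:
        return False
    levels = topic_filter.split("/")
    return len(levels) >= 2 and levels[0] == "devices" and levels[1] == serial


def deliver(topic: str, subscriptions: Dict[str, List[str]], enforce_acl: bool) -> List[str]:
    """Return the tokens that receive a message published on `topic`.

    `subscriptions` maps token -> requested filters. With enforce_acl=False the
    broker honours every filter, which is the over-broad behaviour described above.
    """
    receivers: List[str] = []
    for token, filters in subscriptions.items():
        for topic_filter in filters:
            if (not enforce_acl or authorize(token, topic_filter)) and mqtt_filter_matches(topic_filter, topic):
                receivers.append(token)
                break
    return receivers
```

With `enforce_acl=False`, a client holding token-A that subscribed to `devices/#` receives token-B's status messages; with the check enabled, only the owning device does.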

Azdoufal demonstrated the breach’s severity to The Verge by using just a 14-digit serial number provided by a journalist. Within minutes, he pulled up the reporter’s Romo unit, confirming it was cleaning the living room at 80% battery, and generated an accurate floor plan of the home from another country. He also bypassed his own device’s security PIN to show live video, waving at the camera while it streamed remotely.

DJI responds and fixes issue

Azdoufal responsibly reported the issue to DJI rather than exploiting it maliciously. The company acknowledged the vulnerability and stated that the problems had been resolved, though it provided no detailed technical explanation of the patches. DJI highlighted that the flaw affected its cloud infrastructure but did not involve direct server breaches or credential cracking.

The incident highlights the persistent risks in IoT devices, especially connected home appliances with cameras, microphones, and mapping capabilities. Poorly implemented cloud permissions can turn convenience tools into unintended surveillance networks, exposing highly personal home layouts and live feeds to unauthorised parties.