CVE-2026-10557
Status: Deferred - Pending Action
Hard-Coded MQTT Credentials in Yarbo Mobile Apps

Publication date: 2026-06-12

Last updated on: 2026-06-12

Assigner: ICS-CERT

Description

The Yarbo Android and iOS applications contain hard-coded MQTT broker credentials that are identical for all users and all devices. These credentials are embedded in the application binary and are readily extractable via APK decompilation. The credentials provide access to cloud MQTT brokers carrying real-time telemetry for the entire global Yarbo robot fleet. They allow both wildcard subscription to all robot telemetry topics and publishing to any robot's command topic using only the robot's serial number.

Affected Vendors & Products

Vendor: yarbo
Product: mobile_app
Version / Range: 3.17.4

CWE

CWE-798: The product contains hard-coded credentials, such as a password or cryptographic key.

Compliance Impact

The vulnerability involves hard-coded credentials that allow unauthorized access to real-time telemetry and control of the entire Yarbo robot fleet. This unauthorized access could lead to exposure or manipulation of sensitive operational data.

Such unauthorized access and potential data exposure may impact compliance with common standards and regulations like GDPR and HIPAA, which require protection of sensitive data and control over access to systems.

Organizations using the affected Yarbo applications should apply the recommended updates and implement cybersecurity best practices to mitigate risks and maintain compliance.

Executive Summary

CVE-2026-10557 is a critical vulnerability in the Yarbo Android and iOS applications where hard-coded MQTT broker credentials are embedded in the app binaries and are identical for all users and devices.

These credentials can be extracted by decompiling the APK, granting unauthorized access to cloud MQTT brokers that carry real-time telemetry data for the entire global Yarbo robot fleet.

An attacker with these credentials can subscribe to all robot telemetry topics and publish commands to any robot using only its serial number, effectively allowing unauthorized control over the fleet.

Impact Analysis

This vulnerability can have severe impacts including unauthorized access to sensitive telemetry data from all Yarbo robots globally.

Attackers can also send commands to any robot in the fleet, potentially causing operational disruptions, safety risks, or damage by controlling the robots without authorization.

The vulnerability has a critical severity score (CVSS v3.1 base score of 9.8), indicating high potential for exploitation with significant confidentiality, integrity, and availability impacts.

Detection Guidance

Detection of this vulnerability involves monitoring for suspicious activity related to MQTT broker access, especially unauthorized subscriptions or publishing to robot telemetry and command topics.

Since the credentials are hard-coded and identical across devices, network monitoring tools can be used to detect unusual MQTT traffic patterns or connections from unexpected sources.

Commands to detect such activity might include using MQTT client tools to monitor broker connections or network packet capture tools to analyze MQTT traffic.

  • Use tcpdump or Wireshark to capture MQTT traffic on port 1883, or on port 8883 when TLS is used (on 8883 the payload is encrypted, so without the broker's TLS keys only connection metadata such as source addresses and timing is visible): tcpdump -i <interface> port 1883 or port 8883
  • Use an MQTT client such as mosquitto_sub to check whether the broker still accepts a wildcard subscription, which would indicate that server-side authorization is not being enforced: mosquitto_sub -h <broker_address> -t '#' -v
  • Check application binaries (APK) for embedded credentials by decompiling the app with tools such as apktool.

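
As an added example (not part of this advisory or any vendor tooling), the following Python parses MQTT 3.1.1 CONNECT and SUBSCRIBE packets from a cleartext capture and flags the two indicators described above: a connection presenting the fleet-wide shared username, and a wildcard subscription covering all robot topics. It assumes it is fed the TCP payload of each packet (port 1883, or 8883 after TLS decryption); the username and the sample packets are constructed placeholders, since the advisory does not publish the real credential.

```python
import struct
SHARED_USERNAME = "yarbo-shared-user-PLACEHOLDER"   # constructed; real value is not published
def _remaining_length(buf, i):          # MQTT variable-length integer starting at buf[i]
    value, shift = 0, 0
    while buf[i] & 0x80:
        value, shift, i = value | (buf[i] & 0x7F) << shift, shift + 7, i + 1
    return value | buf[i] << shift, i + 1

def _utf8(buf, i):                      # 2-byte length-prefixed UTF-8 string at buf[i]
    n = struct.unpack_from(">H", buf, i)[0]
    return buf[i + 2:i + 2 + n].decode("utf-8"), i + 2 + n

def parse_packet(buf):                  # one MQTT 3.1.1 control packet -> dict
    ptype = buf[0] >> 4
    length, i = _remaining_length(buf, 1)
    body = buf[i:i + length]
    if ptype == 1:                      # CONNECT
        _, j = _utf8(body, 0)           # protocol name "MQTT"
        flags = body[j + 1]             # connect flags follow the protocol level byte
        j += 4                          # level (1) + flags (1) + keep-alive (2)
        client_id, j = _utf8(body, j)
        if flags & 0x04:                # Will flag set: skip will topic and will message
            _, j = _utf8(body, j); _, j = _utf8(body, j)
        username = _utf8(body, j)[0] if flags & 0x80 else None
        return {"type": "CONNECT", "client_id": client_id, "username": username}
    if ptype == 8:                      # SUBSCRIBE: packet id, then (filter, QoS) pairs
        j, filters = 2, []
        while j < len(body):
            topic, j = _utf8(body, j)
            filters.append(topic); j += 1   # skip the requested-QoS byte
        return {"type": "SUBSCRIBE", "filters": filters}
    return {"type": "OTHER"}

def findings(packets):                  # flag the shared credential and fleet-wide wildcards
    out = []
    for p in map(parse_packet, packets):
        if p["type"] == "CONNECT" and p["username"] == SHARED_USERNAME:
            out.append(f"shared credential used by client {p['client_id']}")
        out += [f"wildcard subscription {f}" for f in p.get("filters", [])
                if f == "#" or f.endswith("/#")]
    return out

def encode_str(s):                      # length-prefixed string, for building samples
    return struct.pack(">H", len(s)) + s.encode()
def build_packet(first_byte, body):     # single-byte remaining length (body < 128 bytes)
    return bytes([first_byte, len(body)]) + body
SAMPLE_CONNECT = build_packet(0x10, b"\x00\x04MQTT\x04\xC2\x00\x3c" + encode_str("robot-app-1")
                              + encode_str(SHARED_USERNAME) + encode_str("PLACEHOLDER-PASSWORD"))
SAMPLE_SUBSCRIBE = build_packet(0x82, b"\x00\x01" + encode_str("#") + b"\x00")   # constructed samples
```

Running findings([SAMPLE_CONNECT, SAMPLE_SUBSCRIBE]) reports both the shared-credential connection and the "#" subscription; a subscription to a single robot's telemetry topic produces no finding.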
Mitigation Strategies

Immediate mitigation steps include updating the Yarbo mobile application to version 3.17.4 or later, which enforces server-side broker authorization.

Additionally, minimize network exposure of control system devices by isolating them from business networks and using secure remote access methods such as VPNs.

Implement cybersecurity best practices for industrial control systems and monitor for suspicious activity related to MQTT broker access.

Report any suspicious findings to CISA as part of ongoing security monitoring.
