Description
A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates.
Published: 2026-05-07
Score: 7.2 High
EPSS: n/a
KEV: No
Impact: n/a
Action: n/a
AI Analysis

Impact

A hidden, persistent backdoor was discovered in Yarbo firmware version 2.3.9, granting remote, unauthenticated or weakly authenticated users privileged functionality. The backdoor is undocumented, cannot be disabled through user‑facing settings, and survives factory resets and ordinary firmware updates. This flaw enables attackers to gain high‑level control over the device without needing legitimate credentials.

Affected Systems

Yarbo firmware 2.3.9, specifically the embedded robotic platform. No other affected versions are enumerated in the available data.

Risk and Exploitability

The CVSS score is 7.2, indicating a high severity threat. The EPSS score is not available, so the current exploitation likelihood cannot be quantified, but the fact that the backdoor is persistent and cannot be deactivated raises significant risk. The vulnerability is not listed in CISA's KEV catalog, reducing exposure to known exploitation campaigns. Attackers likely exploit the flaw via network connections to the robot, using undocumented interfaces or hardcoded credentials, as the backdoor accepts unauthenticated requests.

Generated by OpenCVE AI on May 7, 2026 at 18:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Update the firmware to a version where the backdoor has been removed or patched.
  • If a patch is not available, block all external network traffic to the robot and isolate it from untrusted networks.
  • Regularly monitor logs for suspicious commands and enable robust authentication or change default credentials.

Generated by OpenCVE AI on May 7, 2026 at 18:20 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Thu, 07 May 2026 21:45:00 +0000

Type Values Removed Values Added
First Time appeared Yarbo
Yarbo firmware
Vendors & Products Yarbo
Yarbo firmware

Thu, 07 May 2026 17:00:00 +0000

Type Values Removed Values Added
Description A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates.
Title Persistent undocumented backdoor access in Yarbo robot
Weaknesses CWE-912
References
Metrics cvssV3_1

{'score': 7.2, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H'}

Subscriptions

Yarbo Firmware
cve-icon MITRE

Status: PUBLISHED

Assigner: AHA

Published:

Updated: 2026-05-07T16:09:26.134Z

Reserved: 2026-04-29T13:37:07.749Z

Link: CVE-2026-7413

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Awaiting Analysis

Published: 2026-05-07T17:15:59.343

Modified: 2026-05-07T18:46:25.867

Link: CVE-2026-7413

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-05-07T21:24:38Z

Weaknesses