Cyber Resilience

CVE-2026-7413

Severity: High · Public PoC

Published: 07 May 2026
Modified: 14 May 2026
CVSS Score: v3.1 7.2 (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H)
EPSS Score: 0.0058 (43.3rd percentile)
Risk Priority: 55 (floored blend · peak EPSS)

Summary

CVE-2026-7413 is a high-severity Hidden Functionality (CWE-912) vulnerability in Yarbo Lawn Mower Firmware. Its CVSS base score is 7.2 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique External Remote Services (T1133). The CVE is ranked at the 43.3rd percentile by exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Vulnerability details

A hidden, persistent backdoor was found in Yarbo firmware v2.3.9 that provides remote, unauthenticated (or weakly authenticated) access to privileged functionality. The backdoor is undocumented, cannot be disabled via user-facing settings, and survives factory reset and ordinary firmware updates.

MITRE ATT&CK Enterprise Techniques

T1133 · External Remote Services · Persistence
Adversaries may leverage external-facing remote services to initially access and/or persist within a network.

T1542.001 · System Firmware · Stealth
Adversaries may modify system firmware to persist on systems.

Why these techniques?

The firmware backdoor directly provides remote, unauthenticated, privileged access (T1133) and establishes a persistent foothold via the system firmware (T1542.001).

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-7415 · Same product: Yarbo Lawn Mower
CVE-2026-7414 · Same product: Yarbo Lawn Mower
CVE-2025-0626 · Shared CWE-912
CVE-2024-39754 · Shared CWE-912
CVE-2025-48418 · Shared CWE-912
CVE-2026-30704 · Shared CWE-912
CVE-2026-3587 · Shared CWE-912
CVE-2010-20103 · Shared CWE-912
CVE-2026-1952 · Shared CWE-912
CVE-2026-33280 · Shared CWE-912

Affected Assets

Vendor: yarbo · Product: lawn mower firmware · Version: 2.3.9
Vendor: yarbo · Product: lawn mower pro firmware · Version: 2.3.9

Mitigating Controls

Likely Mitigating Controls

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry. Each control addresses CWE-912.

- Documenting every system component at the required granularity and reviewing the inventory detects or prevents hidden functionality from remaining undetected.
- Recovery eliminates hidden functionality or backdoors introduced during compromise.
- Policy requires supplier transparency and testing to detect hidden functionality or backdoors inserted in the supply chain.
- Screening high-risk technical positions lowers the probability that hidden functionality or backdoors will be added by authorized personnel.
- Hunting identifies hidden functionality used for persistence or evasion after initial compromise.
- TSCM surveys discover and eliminate hidden surveillance functionality that would otherwise remain undetected in the environment.
- Change control, approval gates, and flaw tracking force hidden functionality to be either documented or discovered and removed.
- Vetting and integrity controls during acquisition reduce the likelihood of hidden backdoors or malicious functionality introduced by suppliers.