Three flaws in Xiaomi's miIO protocol chain into root-level RCE on the C400 smart camera. TASZK Security Labs published the full exploit and a cloud jailbreak tool on GitHub on March 16, 2026. The vulnerabilities were reported to Xiaomi in September 2025.
The miIO protocol is Xiaomi's proprietary communication layer, running over UDP port 54321. It powers setup and control across the Xiaomi smart home lineup. The C400 runs a Buildroot-based embedded Linux with three core processes. miio_client handles network communication; its UDP port is the only network service exposed apart from DHCP. imi_mike interfaces with the hardware. mi_daemon supervises both and restarts them on crash.
A smartphone connects to the C400's open Wi-Fi AP during initial configuration. An ECDH key exchange, secured by a QR-code-derived 128-bit token, authenticates the handshake.
The first weakness is an authentication bypass in that handshake.
An adversary can finish the flow by replaying values the C400 sends. No QR token is needed. Physical proximity to the unit becomes unnecessary.
The second bug is in the pseudorandom number generator. The miio_client binary uses uClibc's default additive lagged Fibonacci generator, which is not a cryptographic PRNG, to generate its ECDH keypairs. After roughly 22 handshake packets, every future random value becomes predictable. TASZK describes the most dangerous scenario: someone breaks the RNG, leaves Wi-Fi range, and lets the real owner complete a legitimate setup. All future session keys remain derivable. The adversary can then eavesdrop on all miIO traffic, including the plaintext Wi-Fi credentials the smartphone pushes to the C400, breaking 802.11-level security from a distance.
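As an added example (not TASZK's code and not uClibc's source), the generator family behind uClibc's random() reduced to its recurrence, beside a getrandom()-backed replacement. Seeding is simplified and the per-handshake consumption that yields the "roughly 22 packets" figure is not modelled; the point is structural: 31 consecutive outputs determine every later one, which is why this generator is unusable for ECDH key material.

```c
#include <errno.h>
#include <stdint.h>
#include <string.h>
#include <sys/random.h>
/* Additive lagged Fibonacci generator with the glibc/uClibc TYPE_3 parameters
 * behind random(): r[k] = r[k-3] + r[k-31] mod 2^32, output r[k] >> 1. Seeding is
 * simplified (constructed here); the weakness below does not depend on it. */
#define LAG_SHORT 3
#define LAG_LONG 31
typedef struct { uint32_t r[LAG_LONG]; size_t pos; } alfg_t;
static void alfg_seed(alfg_t *g, uint32_t x) {
    for (size_t i = 0; i < LAG_LONG; i++) g->r[i] = (x = x * 1103515245u + 12345u);
    g->pos = 0;
}
static uint32_t alfg_next(alfg_t *g) {
    size_t i = g->pos, j = (i + LAG_LONG - LAG_SHORT) % LAG_LONG; /* r[k-31], r[k-3] */
    uint32_t v = g->r[i] + g->r[j];
    g->r[i] = v;
    g->pos = (i + 1) % LAG_LONG;
    return v >> 1;
}
/* Structural weakness: the next output is o[k-3] + o[k-31] mod 2^31, plus at most
 * 1 from the bit dropped by ">> 1". 31 observed outputs fix all later ones. */
static uint32_t alfg_predict(const uint32_t prev[LAG_LONG]) {
    return (prev[LAG_LONG - LAG_SHORT] + prev[0]) & 0x7fffffffu;
}
/* 1 if every one of `rounds` outputs lands within +1 of its prediction. */
static int alfg_is_predictable(uint32_t seed, int rounds) {
    alfg_t g; uint32_t seen[LAG_LONG];
    alfg_seed(&g, seed);
    for (size_t i = 0; i < LAG_LONG; i++) seen[i] = alfg_next(&g);
    for (int n = 0; n < rounds; n++) {
        uint32_t want = alfg_predict(seen), got = alfg_next(&g);
        if (((got - want) & 0x7fffffffu) > 1) return 0;
        memmove(seen, seen + 1, (LAG_LONG - 1) * sizeof seen[0]);
        seen[LAG_LONG - 1] = got;
    }
    return 1;
}

/* Hardened key material: kernel CSPRNG via getrandom(2), looping over short reads. */
static int csprng_fill(uint8_t *buf, size_t n) {
    for (size_t got = 0; got < n;) {
        ssize_t k = getrandom(buf + got, n - got, 0);
        if (k < 0 && errno == EINTR) continue;
        if (k < 0) return 0;
        got += (size_t)k;
    }
    return 1;   /* caller then feeds buf to the ECDH key derivation */
}
```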
The third bug is a heap buffer overflow in the AES-128-CBC decryption function. When a packet's payload length is not a multiple of 16, the decryption routine reads and writes one full block past the allocated heap buffer. With a payload length of exactly 16n - 1 bytes, only the last position of the overflow block is zeroed by memset; the adversary controls the remaining 15 positions by making the UDP packet larger than the length declared in the miIO header.
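As an added example (not Xiaomi's or TASZK's code), a pre-decryption frame check in C that rejects both conditions the overflow relies on: a declared length that disagrees with the datagram actually received, and a ciphertext length that is not a whole number of AES blocks. It assumes the publicly documented miIO framing (a 32-byte header with the big-endian total packet length at bytes 2 and 3); the C400's post-handshake framing may differ.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Assumed framing (public miIO description, not the C400 firmware): a 32-byte
 * header whose bytes 2..3 hold the big-endian total packet length, followed by
 * the AES-128-CBC payload. */
#define MIIO_HDR_LEN 32
#define AES_BLOCK 16

enum frame_err { FRAME_OK = 0, FRAME_SHORT, FRAME_MAGIC, FRAME_LEN_MISMATCH, FRAME_UNALIGNED };

/* Run before any allocation or cipher call. Returns FRAME_OK and the ciphertext
 * length only when the datagram is exactly as long as it claims and the
 * ciphertext is block-aligned (CBC with PKCS#7 padding is always a multiple of 16). */
static enum frame_err miio_frame_check(const uint8_t *pkt, size_t pkt_len, size_t *payload_len) {
    if (pkt_len < MIIO_HDR_LEN) return FRAME_SHORT;
    if (pkt[0] != 0x21 || pkt[1] != 0x31) return FRAME_MAGIC;
    size_t declared = ((size_t)pkt[2] << 8) | pkt[3];
    if (declared != pkt_len) return FRAME_LEN_MISMATCH;   /* trailing bytes are never trusted */
    size_t clen = declared - MIIO_HDR_LEN;
    if (clen % AES_BLOCK != 0) return FRAME_UNALIGNED;    /* 16n-1 is refused before any alloc */
    *payload_len = clen;
    return FRAME_OK;
}

/* Constructed sample datagram: valid magic, chosen length field, zero elsewhere. */
static void make_frame(uint8_t *buf, size_t declared, size_t actual_len) {
    memset(buf, 0, actual_len);
    buf[0] = 0x21; buf[1] = 0x31;
    buf[2] = (uint8_t)(declared >> 8); buf[3] = (uint8_t)declared;
}

/* Build a sample with the given declared and real sizes and run the check on it. */
static enum frame_err check_sample(size_t declared, size_t actual_len) {
    uint8_t buf[256]; size_t plen = 0;
    if (actual_len > sizeof buf) return FRAME_SHORT;
    make_frame(buf, declared, actual_len);
    return miio_frame_check(buf, actual_len, &plen);
}
```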
Compiling a network-facing binary without PIE (Position-Independent Executable) on a 2024-era IoT product is a baseline mitigation failure. PIE has been standard on desktop Linux since 2015 and on Android since version 5.0 (2014). Without PIE, all binary addresses are fixed and predictable, turning a heap overflow into a reliable exploit with minimal effort.
— Artem Safonov, Threat Analyst at AnonHaven
TASZK researcher Botond Hartmann built the full exploit during a two-month internship. The chain first runs a partial handshake with an invalid signature, leaving mbedtls-allocated chunks on the fastbin. The overflow then corrupts a fastbin entry to insert a fake chunk at a known address in the non-PIE binary. The next allocation overwrites a function pointer (miio_info_kvs_hook_default). A benign-looking miIO request triggers execution at the overwritten address. A ROP chain pivots the stack to controlled data. It then writes bind shell shellcode to executable memory via /proc/self/mem (the Linux kernel ignores write protections on this file by default). The result is a root shell with no sandboxing.
If the first attempt fails, mi_daemon restarts the crashed process with a clean memory layout. The attacker can retry deterministically.
The same exploit chain that lets a privacy-conscious owner run a camera without Xiaomi cloud also lets a malicious neighbor silently backdoor it. Persistence survives reboots via the writable /mnt/data/sysctlscript, and LD_PRELOAD injection works even on noexec-mounted partitions. TASZK's jailbreak hooks into the imi_mike hardware interface binary and implements local MPEG-TS streaming over TLS, SD card recording with asymmetric encryption, and Frigate NVR integration in roughly 600 lines. Dual-use research at its clearest.
Xiaomi smart cameras have a history of security incidents. In January 2020, Xiaomi confirmed a privacy breach where its Mijia camera fed random users' footage to other users' Google Nest Hub displays. In June 2025, CVE-2024-45347 (CVSS 9.6) in Xiaomi's Mi Connect Service App allowed same-network attackers to bypass authentication and control user devices.
TASZK Security Labs is a Hungarian research firm specializing in mobile and embedded exploitation. Their prior work on Samsung Exynos and MediaTek basebands produced 17+ CVEs, including zero-click over-the-air RCE. The Xiaomi C400 project marks TASZK's first published IoT research. Lorant Szabo guided the hardware reverse engineering phase.
Xiaomi received all three reports in September 2025. TASZK highlights a limiting factor. The flaws "require a physically adjacent attacker in practice, which limits their severity." Companion advisories detail the disclosure timeline and patch status. No public statement from Xiaomi has appeared as of March 17, 2026.
C400 owners should check for firmware updates. Avoid performing initial configuration in locations where untrusted parties could be within Wi-Fi range. A 10-second reset button press returns the unit to the vulnerable factory state. TASZK warns that covering the QR label on the bottom provides no protection. The PRNG bug eliminates the need for the QR token entirely. Network segmentation (a separate VLAN for IoT products) limits lateral movement if the unit is compromised.