Unitree Robot Hack: What You Need to Know

A critical vulnerability in the Bluetooth Low Energy (BLE) Wi-Fi configuration interface used by several different Unitree robots can result in a root-level takeover, security researchers disclosed on September 20. The exploit affects Unitree's Go2 and B2 quadrupeds and its G1 and H1 humanoids. Because the vulnerability is wireless, and the resulting access to the affected platform is complete, the vulnerability becomes wormable, say the researchers, meaning “an infected robot can simply scan for other Unitree robots in BLE range and automatically compromise them, creating a robot botnet that spreads without user intervention.”

Originally discovered by security researchers Andreas Makris and Kevin Finisterre, UniPwn takes advantage of several security lapses that are still present in the firmware of Unitree robots as of September 20, 2025. As far as IEEE Spectrum is aware, this is the first major public exploit of a commercial humanoid platform.

Unitree Robots' BLE Security Is Exposed

Like many robots, Unitree's robots use an initial BLE connection to make it easier for a user to set up the Wi-Fi network connection. The BLE packets that the robot accepts are encrypted, but the encryption keys are hardcoded and were published on X (formerly Twitter) by Makris in July. Although the robot checks the contents of the BLE packets to make sure that the user is authenticated, the researchers say that all it takes to become an authenticated user is to encrypt the string "Unitree" with the hardcoded keys, and the robot will let someone in. The robot then executes the supplied code without any validation and with root privileges.
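The weakness described above is a design problem: a fixed string protected by a key shared across the whole fleet proves nothing about who is connecting. The sketch below is an added example, not code from the article, the researchers or Unitree; it contrasts that pattern with a per-device key and a single-use challenge. All names and the key value are constructed, and HMAC-SHA256 stands in for the cipher, which the article does not name.

```python
import hashlib
import hmac
import secrets

# Constructed stand-in for a key baked into every firmware image.
FLEET_KEY = b"constructed-key-shipped-in-firmware"
FIXED_STRING = b"Unitree"  # fixed string, as the article describes it


def _mac(key: bytes, msg: bytes) -> bytes:
    # Assumption: HMAC-SHA256 stands in for the unnamed encryption step.
    return hmac.new(key, msg, hashlib.sha256).digest()


def fleet_token() -> bytes:
    """What any holder of the published key can compute once, offline."""
    return _mac(FLEET_KEY, FIXED_STRING)


class FlawedRobot:
    """Accepts a constant value protected by a fleet-wide hardcoded key."""

    def authenticate(self, token: bytes) -> bool:
        return hmac.compare_digest(token, _mac(FLEET_KEY, FIXED_STRING))


class HardenedRobot:
    """Per-device secret plus a fresh, single-use challenge."""

    def __init__(self) -> None:
        self.device_key = secrets.token_bytes(32)  # unique per unit
        self._pending = None

    def challenge(self) -> bytes:
        self._pending = secrets.token_bytes(16)
        return self._pending

    def authenticate(self, response: bytes) -> bool:
        nonce, self._pending = self._pending, None  # spent on every attempt
        if nonce is None:
            return False
        return hmac.compare_digest(response, _mac(self.device_key, nonce))


def respond(device_key: bytes, nonce: bytes) -> bytes:
    """Owner's app: prove knowledge of this robot's key for this nonce."""
    return _mac(device_key, nonce)
```

In the flawed design one token works on every unit, indefinitely; in the hardened one a captured response is useless on another robot or against a later challenge.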

“A simple attack might be just to reboot the robot, which we published as a proof of concept,” Makris explains. “But an attacker could do much more sophisticated things: it would be possible to have a trojan implanted into your robot's startup routine to exfiltrate data while disabling the ability to install new firmware without the user knowing. And since the vulnerability uses BLE, the robots can easily infect each other, and from there the attacker could have access to an army of robots.”

Makris and Finisterre first contacted Unitree in May in an attempt to responsibly disclose this vulnerability. After some back and forth with little progress, Unitree stopped responding to the researchers in July, and the decision was made to make the vulnerability public. “We have had some bad experiences communicating with them,” Makris tells us, citing an earlier backdoor vulnerability he found with the Unitree Go1. “So we need to ask ourselves: are they introducing vulnerabilities like this on purpose, or is it sloppy development? Both answers are equally bad.”

Unitree did not respond to a request for comment from IEEE Spectrum as of press time. On September 29, Unitree published a statement on LinkedIn addressing the security concerns: “We have become aware that some users have discovered security vulnerabilities and network-related issues while using our robots,” the company writes. “We immediately began addressing these concerns and have now completed the majority of the fixes. These updates will be rolled out to you in the near future.”

“Unitree, as other manufacturers do, has simply ignored prior security disclosures and repeated attempts at contact,” says Víctor Mayoral-Vilches, founder of robotics cybersecurity company Alias Robotics. “This is not the right way to cooperate with security researchers.” Mayoral-Vilches was not involved in publishing the UniPwn exploit, but he has found other security issues with Unitree robots, including undisclosed streaming of telemetry data to servers in China, which can potentially include audio, visual, and spatial data.

Mayoral-Vilches explains that security researchers are focusing on Unitree primarily because the robots are available and affordable. This makes them not only more accessible to researchers, but also more relevant, since Unitree's robots are already being deployed by users around the world who probably do not know about the security risks. For example, Makris is concerned that Nottinghamshire Police in the United Kingdom have begun testing a Unitree Go2, which can be exploited by UniPwn. “We tried to contact them and would have disclosed the vulnerability to them in advance before going public, but they ignored us. What will happen if an attacker implants themselves into one of these police dogs?”

How to Secure Unitree Robots

In the short term, Mayoral-Vilches suggests that people using Unitree robots can protect themselves by connecting the robots only to isolated Wi-Fi networks and disabling their Bluetooth connectivity. “You need to hack the robot to secure it for real,” he says. “This is not uncommon and why security research in robotics is so important.”

Both Mayoral-Vilches and Makris believe that it is fundamentally up to Unitree to make its robots secure in the long run, and that the company should be much more responsive to users and security researchers. But Makris says: “There will never be a 100 percent secure system.”

Mayoral-Vilches agrees: “Robots are very complex systems, with wide attack surfaces to protect, and a state-of-the-art humanoid exemplifies that complexity.”

Unitree, of course, is not the only company that offers complex, state-of-the-art quadrupeds and humanoids, and it seems likely (if not inevitable) that similar exploits will be found on other platforms. The potential consequences here cannot be overstated. The idea that robots can be taken over and used for nefarious purposes is already a staple of science fiction, but the impact of a high-profile robot hack on the reputation of the commercial robotics industry is unclear. Robotics companies are barely talking about security in public, despite how damaging even the perception of an unsecured robot may be. A robot that is not under control can be a real physical danger.

At the IEEE Humanoids Conference in Seoul from September 30 to October 2, Mayoral-Vilches has organized a workshop on Cybersecurity for Humanoids, where he will present a brief (coauthored with Makris and Finisterre) titled Humanoid Robots as Attack Vectors. Despite the title, their intention is not to overhype the problem, but instead to encourage roboticists (and robotics companies) to take security seriously and not treat it as an afterthought. As Mayoral-Vilches puts it, “robots are only safe if they are secure.”

This story was updated on September 29, 2025 with a statement issued by Unitree.
