Unitree Robot Hack: What You Need to Know

A critical vulnerability in the Bluetooth Low Energy (BLE) Wi-Fi configuration interface used by several Unitree robots can result in a root-level takeover by an attacker, security researchers disclosed on September 20. The exploit affects Unitree's Go2 and B2 quadrupeds and its G1 and H1 humanoids. Because the vulnerability is wireless and the resulting access to the affected platform is complete, the vulnerability becomes wormable, say the researchers, which means “an infected robot can simply scan for other Unitree robots in BLE range and automatically compromise them, creating a robot botnet that spreads without user intervention.”

Initially discovered by security researchers Andreas Makris and Kevin Finisterre, UniPwn takes advantage of several security lapses that are still present in the firmware of Unitree robots as of September 20, 2025. As far as IEEE Spectrum is aware, this is the first major public exploit of a commercial humanoid platform.

Unitree Robots' Security Flaw

Like many robots, Unitree's robots use an initial BLE connection to make it easier to set up a Wi-Fi network connection. The BLE packets that the robot accepts are encrypted, but the encryption keys are hardcoded and were published on X (formerly Twitter) by Makris in July. Although the robot validates the contents of the BLE packets to make sure that the user is authenticated, the researchers say that all it takes to become an authenticated user is to encrypt the string “Unitree” with the hardcoded keys, and the robot will let someone in. will perform this code without any validation and with root privileges.
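Why a fixed string encrypted under a firmware-wide key does not authenticate anyone, as an added example (not code from the article, the researchers, or Unitree). HMAC-SHA256 stands in for the cipher, and the key, the string and the class names are constructed placeholders; the per-device challenge-response shown beside it is one common hardening, not a fix the page describes.

```python
import hashlib
import hmac
import secrets

# Constructed stand-ins: not the real key, string, or cipher from the firmware.
FIRMWARE_KEY = b"identical-in-every-firmware-image"
MAGIC = b"fixed-handshake-string"

def mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha256).digest()

class StaticTokenRobot:
    """Weak design: every unit expects the same keyed transform of a constant."""
    def authenticate(self, token: bytes) -> bool:
        return hmac.compare_digest(token, mac(FIRMWARE_KEY, MAGIC))

class ChallengeRobot:
    """Hardened design: per-unit secret plus a fresh, single-use nonce."""
    def __init__(self) -> None:
        self.device_key = secrets.token_bytes(32)  # provisioned per unit at pairing
        self._nonce = None

    def challenge(self) -> bytes:
        self._nonce = secrets.token_bytes(16)
        return self._nonce

    def authenticate(self, response: bytes) -> bool:
        nonce, self._nonce = self._nonce, None  # consume: a nonce is valid once
        return nonce is not None and hmac.compare_digest(
            response, mac(self.device_key, nonce))

def compare_designs() -> dict:
    token = mac(FIRMWARE_KEY, MAGIC)  # derivable by anyone holding a firmware image
    fleet = [StaticTokenRobot(), StaticTokenRobot()]
    a, b = ChallengeRobot(), ChallengeRobot()
    good = mac(a.device_key, a.challenge())
    results = {
        "static_token_opens_whole_fleet": all(r.authenticate(token) for r in fleet),
        "static_token_replayable": fleet[0].authenticate(token),
        "owner_accepted": a.authenticate(good),
    }
    a.challenge()  # new session, new nonce
    results["old_response_replayed"] = a.authenticate(good)
    b.challenge()
    results["robot_a_key_on_robot_b"] = b.authenticate(mac(a.device_key, b._nonce))
    return results

if __name__ == "__main__":
    for name, ok in compare_designs().items():
        print(f"{name}: {ok}")
```

The static token is a constant, so it proves only that the sender has seen the firmware; the per-unit key and single-use nonce confine a leaked secret to one robot and one session.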

“A simple attack could be simply to restart the robot, which we have published as a proof of concept,” explains Makris. “But an attacker could do much more sophisticated things: it would be possible to have a Trojan in the startup routine of your robot to exfiltrate data while disabling the ability to install new firmware without the user knowing it. And as the vulnerability uses BLE, the robots can easily get infected, and from there, the attacker could have access to a robot army.”

Makris and Finisterre first contacted Unitree in May to try to disclose this vulnerability responsibly. After some back and forth with little progress, Unitree stopped responding to the researchers in July, and the decision was made to make the vulnerability public. “We have had bad experiences communicating with them,” said Makris, citing an earlier backdoor vulnerability that he discovered with the Unitree Go1. “So we have to ask ourselves: are they introducing vulnerabilities like this on purpose, or is it botched development? The two answers are just as bad.” Unitree did not respond to a request for comment from IEEE Spectrum as of press time.

“Unitree, as other manufacturers do, has simply ignored previous security disclosures and repeated outreach attempts,” explains Víctor Mayoral-Vilches, the founder of the robotics cybersecurity company Alias Robotics. “It's not the right way to cooperate with security researchers.” Mayoral-Vilches was not involved in the publication of the UniPwn exploit, but he has found other security problems with Unitree robots, including the undisclosed streaming of telemetry data to servers in China, which could potentially include audio, visual and spatial data.

Mayoral-Vilches explains that security researchers focus on Unitree mainly because its robots are available and affordable. This makes them not only more accessible for researchers, but also more relevant, because Unitree robots are already deployed by users around the world who are probably not aware of the security risks. For example, Makris is concerned that the Nottinghamshire Police in the United Kingdom have started to test a Unitree Go2, which can be exploited by UniPwn. “We tried to contact them and we would have revealed the vulnerability to them in advance before going public, but they ignored us. What would happen if an attacker implanted himself in one of these police dogs?”

How to Secure Unitree Robots

In the short term, Mayoral-Vilches suggests that people using Unitree robots can protect themselves by connecting the robots only to isolated Wi-Fi networks and disabling their Bluetooth connectivity. “You have to hack the robot to secure it for real,” he says. “It is not uncommon and why research in robotics security is so important.”

Mayoral-Vilches and Makris believe that, fundamentally, it is up to Unitree to secure its robots in the long term, and that the company must be much more responsive to users and security researchers. But Makris says: “There will never be a 100% secure system.”

Mayoral-Vilches agrees. “Robots are very complex systems, with large attack surfaces to protect, and an advanced humanoid illustrates this complexity.”

Unitree, of course, is not the only company to offer complex quadrupeds and humanoids, and it seems likely (if not inevitable) that similar exploits will be discovered on other platforms. The potential consequences here cannot be overstated: the idea that robots can be taken over and used for harmful purposes is already a science fiction trope, but the impact of a high-profile robot hack on the reputation of the commercial robotics industry is not clear. Robotics companies are barely talking about security in public, despite how damaging even the perception of an unsecured robot could be. A robot that is not under control has the potential to be a real physical danger.

At the IEEE Humanoid conference in Seoul from September 30 to October 2, Mayoral-Vilches has organized a workshop on cybersecurity for humanoids, where he will present a brief (co-written with Makris and Finisterre) entitled Humanoid Robots as Attack Vectors. Despite the title, their intention is not to overhype the problem, but rather to encourage roboticists (and robotics companies) to take security seriously and not to treat it as an afterthought. As Mayoral-Vilches points out, “robots are only safe if they are secure.”
