Unitree Go1
cpe:2.3:h:unitree:go_1:*:*:*:*:*:*:*
A backdoor vulnerability has been identified in the Unitree Go1 robot, allowing complete remote control of the device. This backdoor is accessible to the manufacturer and anyone with the correct API key, through the CloudSail remote access service. The vulnerability arises from an undocumented feature that enables unauthorized surveillance and control over the robot, including access to live camera feeds and the ability to manipulate the robot's actions. This issue is particularly concerning given the Go1's potential use in law enforcement and military operations.
Exploitation of this vulnerability allows for unauthorized remote control of the Unitree Go1 robot, enabling the manipulation of the robot's actions and access to its camera feeds. This could lead to unintended consequences in physical environments, especially if the robot is used in sensitive contexts such as law enforcement or military operations.
Unitree has revoked the API key that allowed access through the backdoor and disabled the CloudSail service on the Go1. However, users are advised to manually disable the CloudSail client on the robot's Raspberry Pi, as the service could be reactivated if a new API key is issued.