Ghost Robotics Vision 60 Authentication Vulnerability in Network and USB Interfaces
Vulnerability
A vulnerability in Ghost Robotics Vision 60 version 0.27.2 allows unauthorized access to the robot's network through its physical interfaces: three RJ45 connectors and a USB Type-C port. The robot's internal router automatically assigns IP addresses to devices connected via these ports, with no authentication. An attacker can therefore connect a WiFi access point to the robot's network without needing the deployed network credentials. Once connected, the attacker can monitor the robot's data, because the robot runs ROS 2 with no authentication enabled by default.
Impact
Exploitation of this vulnerability could lead to unauthorized access to the robot's network, allowing an attacker to intercept and monitor data transmitted by the robot, which could be used to exploit other vulnerabilities or manipulate the robot's actions.
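Because the router hands an address to anything plugged into these ports, one defensive check is to compare its DHCP leases against an inventory of approved devices. The following is an added example, not code from the advisory or from Ghost Robotics. The dnsmasq-style lease format, the function names, and every MAC, IP and hostname in it are assumptions constructed for illustration.

```python
import re

# Constructed sample in dnsmasq lease format (assumed; the advisory does not
# name the router's DHCP server): <expiry> <mac> <ip> <hostname> <client-id>
SAMPLE_LEASES = """\
1718000000 02:00:00:aa:00:01 192.0.2.10 payload-computer *
1718000300 02:00:00:AA:00:02 192.0.2.11 lidar 01:02:00:00:aa:00:02
1718000900 02:00:00:ff:00:99 192.0.2.57 travel-ap *

garbled line
"""

# Hypothetical inventory of devices allowed on the robot's internal network.
APPROVED_MACS = {"02:00:00:aa:00:01", "02:00:00:aa:00:02"}

MAC_RE = re.compile(r"(?:[0-9a-f]{2}:){5}[0-9a-f]{2}")


def parse_leases(text):
    """Return ([(mac, ip, hostname)], [line numbers that failed to parse])."""
    leases, malformed = [], []
    for n, line in enumerate(text.splitlines(), 1):
        fields = line.split()
        if not fields:
            continue  # blank lines are not an error
        mac = fields[1].lower().replace("-", ":") if len(fields) >= 4 else ""
        if not MAC_RE.fullmatch(mac):
            malformed.append(n)  # surface parse failures, never skip silently
            continue
        leases.append((mac, fields[2], fields[3]))
    return leases, malformed


def unapproved_leases(text, approved):
    """Leases whose MAC is not in the approved inventory, plus bad lines."""
    approved = {m.lower() for m in approved}
    leases, malformed = parse_leases(text)
    return [l for l in leases if l[0] not in approved], malformed


if __name__ == "__main__":
    rogue, bad = unapproved_leases(SAMPLE_LEASES, APPROVED_MACS)
    for mac, ip, host in rogue:
        print(f"ALERT unapproved device {mac} holds lease {ip} ({host})")
    for n in bad:
        print(f"WARN could not parse lease line {n}")
```

This check detects unexpected devices; it does not authenticate them, so it complements rather than replaces restricting the physical ports and enabling ROS 2 security.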
