Ghost Robotics Vision 60 Encrypted WiFi and SSH Credential Vulnerability
Vulnerability
A vulnerability exists in the Ghost Robotics Vision 60 robot, version 0.27.2: encrypted WiFi and SSH credentials are present in the robot's APK. This enables an attacker to connect to the robot's WiFi network and, because the robot runs ROS 2 without default authentication, access its data. The attacker can also use SSH to gain full control over the robot, potentially causing physical damage to the robot or its surroundings.
Impact
Exploitation of this vulnerability allows for unauthorized access to the robot's WiFi network and data, along with full control over the robot via SSH, which could lead to physical damage to the robot or its environment.
