Unitree Robots Bluetooth Low Energy Command Injection Vulnerability Allowing Root Takeover
Vulnerability
A command injection vulnerability has been identified in the Bluetooth Low Energy (BLE) Wi-Fi configuration interface of Unitree robots, specifically the Go2, G1, H1, and B2 models, all running firmware through September 20, 2025. This vulnerability arises from hardcoded cryptographic keys, weak authentication, and unsanitized command inputs, allowing attackers to gain root access and control over the devices. The issue is particularly alarming because it is wormable, enabling infected robots to automatically compromise other nearby Unitree robots via Bluetooth.
Impact
Exploitation of this vulnerability allows for complete control over the affected robot, with root access enabling arbitrary command execution. The wormable nature of the vulnerability means that an infected robot can spread the compromise to other Unitree robots in Bluetooth range, creating a network of compromised devices. This could be particularly damaging in critical environments where these robots are deployed, such as law enforcement or military operations.
Reproduction
To reproduce this vulnerability, first, send an AES-encrypted payload containing the string 'unitree' to authenticate with the robot. After establishing access, initiate the Wi-Fi configuration by selecting either AP or STA mode. Then, inject a command payload through the Wi-Fi SSID or password settings. Finally, set the Wi-Fi country code to trigger the vulnerable command execution thread. The robot will execute the injected command with root privileges, allowing for actions such as rebooting the device or more sophisticated exploits like installing a trojan that could exfiltrate data or disrupt normal operations.
Remediation
Unitree users are advised to connect robots only to isolated Wi-Fi networks and disable Bluetooth connectivity. However, for a more permanent solution, Unitree needs to address these security flaws in their firmware and improve their responsiveness to security concerns.
Vulnerability Rating
Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.