- UNIPWN utilizes unitree -robots that allow external rod access via network services
- The vulnerability combines hard -coded keys, weak handshakes and uncertain command execution
- Compromised devices could try lateral movement over nearby robots over wireless links
Security researchers Bin4ry and D0tslash have published a revaluation on GitHub about exploitation named “Unipwn” that affects several Unitree product lines.
Vulnerability affects G1 -Humanoids, GO2 and B2 FIRE DOUBLE, and it can be used to escalate privileges to root.
It seems to link weaknesses that, when combined, allow remote command in affected devices.
How the vulnerability works and why it means something
The vulnerability kit allegedly includes hard -coded cryptographic keys and a handshake that only controls for the string “Unitree”, and also includes unsanited user data that is interconnected in Shell commands, the system runs.
These elements are combined into an unusual straight path from a network package to arbitrary code execution.
Because the exposed service accepts wireless connections, a compromised device may receive commands and try to influence units within the radio area.
It changes the threat model from a single utilized device to potential lateral movement over nearby devices.
The researchers say utilization utilizes a bluetooth low energy and Wi-Fi configuration service.
This means that a compromised device can receive commands of wireless links and potentially try to influence devices within the radio area.
The researchers describe parts of the Unipwn chain as “wormbar”, which means that successful utilization can allow malicious code to persist and try propagation, which increases the risk because it can allow automated spread between available devices.
Still, wormbar behavior observed in tests does not guarantee rapid reproduction in the real world.
Spreading in the real world depends on unity configuration, network segmentation, firmware diversity, physical proximity, vendor patch pace and operator practice.
Controlled laboratory tests may show a capacity, but field formation will be shaped by these operational factors.
Thus, this first robotic-to-robot virus infection remains unlikely, although producers and operators would be unclear to treat this as a distant theoretical threat.
Independent research into jailbreaking LLM-driven robots increases the speed of these technical findings.
A project known as Robopair demonstrated that carefully designed requests can force robot controllers, including Unitree Go2, to perform harmful actions.
Reported scenarios include conversion of robots to hidden surveillance platforms and guides them to place explosives.
The Robopair team reported high success rates as it provided the target robot’s API and formatted requests that API performed as code.
By combining low-level LLM jailbreak techniques expands the attack surface.
This is because a single compromise can both defeat model protection measures and perform arbitrary system commands.
Therefore, this disclosure should result in immediate mitigation efforts, clearer supplier communication and realistic threat modeling to avoid preventive damage.
The nature of this error is technically remarkable and if they are weapons, the consequences can be serious.
Via Toms Hardware
Follow Techradar on Google News and Add us as a preferred source To get our expert news, reviews and meaning in your feeds. Be sure to click the Follow button!
And of course you can too Follow Techradar at Tiktok For news, reviews, unboxings in video form and get regular updates from us at WhatsApp also.
