Security Flaws Expose Humanoid Robots to Remote Takeover

Researchers have uncovered significant security vulnerabilities in Unitree's robotic ecosystem, demonstrating the potential for remote takeover of humanoid robots. The team identified and exploited flaws across multiple communication channels, including Bluetooth, LoRa radio, WebRTC, and cloud management services. In addition to traditional binary and web vulnerabilities, they successfully performed prompt injection on the robots' embodied AI agent, achieving root-level remote code execution. Furthermore, a flaw in the cloud management services allows for the complete takeover of any Unitree G1 robot connected to the Internet. The researchers also deobfuscated and patched the customized, VM-based obfuscated binaries, unlocking forbidden robotic movements restricted by the vendor firmware on consumer models.

These findings underscore the urgent need for security-by-design in the development of humanoid robots. As these robots become more prevalent in everyday applications, their potential for misuse increases. Attackers could remotely hijack robot operations, extract sensitive data or camera livestreams, or even weaponize the physical capabilities of the robots. The research highlights the importance of securing hardware interfaces, near-field radios, and Internet-accessible channels.

Manufacturers must prioritize security testing and vulnerability patching throughout the robot development lifecycle. Researchers and consumers also need to be equipped with the knowledge and tools to assess the security of these systems. By addressing these security challenges proactively, the robotics industry can ensure that these powerful technologies are used for good and not for harm.

Transparency Footnote: This analysis was conducted by DailyAIWire.news using publicly available information. No AI was used in the writing, editing, or fact-checking of this report.