Unitree G1 Security Disaster

Source: sentdex · Field: Technology & Digital — Artificial Intelligence & Machine Learning, Robotics & Autonomous Systems, Cybersecurity & Data Privacy · Depth: Intermediate, extended

Summary

Recent security vulnerabilities have been confirmed across Unitree's robot fleet, including the G1, H1, Go2, B2, and R1 models. The primary flaw is remote code execution (RCE) on the main board, which runs proprietary code and is typically inaccessible to users. The RCE is made possible by hard-coded AES keys for Bluetooth Low Energy (BLE) connections that are identical across all Unitree robots. During a BLE connection, an attacker can inject arbitrary terminal commands into the Wi-Fi credentials field; these run as root and give the attacker full control. The robots also exhibit persistent telemetry, sending data to Unitree servers even after a reboot, which contradicts Unitree's claim that the robots are "designed for offline use." Unitree acknowledged "network related issues" and promised fixes, but the fundamental problem of hard-coded AES keys remains unaddressed, which leaves man-in-the-middle attacks and forced Wi-Fi credential updates possible.

Key takeaway

Robotics engineers and researchers using Unitree robots must assume their robot is vulnerable to remote code execution and unauthorized data transmission. Immediately disable Bluetooth or physically remove the module to prevent local RCE. To mitigate persistent telemetry, set the Wi-Fi credentials to a non-existent network: the robot will attempt to connect and transmit data even after a reboot, regardless of explicit authorization.

Key insights

Hard-coded AES keys in Unitree robots enable remote code execution and persistent, unauthorized telemetry.

Method

Remote code execution is achieved by connecting via BLE using hard-coded AES keys, then injecting root commands into the Wi-Fi password field. Persistent telemetry is demonstrated by monitoring network traffic after updating Wi-Fi credentials via BLE.
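
The defensive counterpart to the injection described above, as an added example that is not taken from sentdex's material or from Unitree's firmware: Wi-Fi credentials received over BLE are length- and charset-checked, then written to the network configuration only as hex, so no attacker-supplied character reaches a shell or a config parser. It assumes a Linux robot that joins Wi-Fi through wpa_supplicant; all function names and sample values are hypothetical.

```python
import hashlib

# Assumption: the provisioning service receives SSID and passphrase as raw
# bytes from a BLE characteristic and the robot joins Wi-Fi via wpa_supplicant.
MAX_SSID_LEN = 32          # IEEE 802.11 SSID limit, in bytes
PSK_MIN, PSK_MAX = 8, 63   # WPA2 passphrase length limits

# Constructed sample input: printable ASCII, so it is a legal passphrase,
# but it carries quote and shell metacharacters.
HOSTILE = b'hunter2"; echo injected #'


class RejectedCredential(ValueError):
    """Raised when a BLE-supplied credential fails validation."""


def validate(ssid: bytes, passphrase: bytes) -> None:
    if not 1 <= len(ssid) <= MAX_SSID_LEN:
        raise RejectedCredential("SSID length out of range")
    if not PSK_MIN <= len(passphrase) <= PSK_MAX:
        raise RejectedCredential("passphrase length out of range")
    # WPA2 passphrases are printable ASCII only (0x20-0x7e).
    if any(b < 0x20 or b > 0x7E for b in passphrase):
        raise RejectedCredential("passphrase contains non-printable bytes")


def network_block(ssid: bytes, passphrase: bytes) -> str:
    """Return a wpa_supplicant network block containing only hex values.

    The passphrase is reduced to the 256-bit WPA2 PSK
    (PBKDF2-HMAC-SHA1, SSID as salt, 4096 rounds); wpa_supplicant accepts
    an unquoted hex SSID and a 64-hex-digit PSK, so the raw strings are
    never quoted, escaped, or handed to a shell.
    """
    validate(ssid, passphrase)
    psk = hashlib.pbkdf2_hmac("sha1", passphrase, ssid, 4096, 32)
    return (
        "network={\n"
        f"\tssid={ssid.hex()}\n"
        f"\tpsk={psk.hex()}\n"
        "}\n"
    )


if __name__ == "__main__":
    print(network_block(b"lab-net", HOSTILE))
```

This closes the injection path only; as long as the BLE AES key is shared across the fleet, anyone in radio range can still submit credentials.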

Best for: Robotics Engineer, AI Security Engineer, Software Engineer

Editorial summary, takeaway, and curation by AIssential. Original article published by sentdex.