A critical vulnerability in the Bluetooth Low Energy (BLE) Wi-Fi configuration interface used by several different Unitree robots can result in a root-level takeover by an attacker, security researchers disclosed on 20 September. The exploit impacts Unitree’s Go2 and B2 quadrupeds and G1 and H1 humanoids. Because the vulnerability can be exploited wirelessly and the resulting access to the affected platform is complete, it is wormable, say the researchers, meaning “an infected robot can simply scan for other Unitree robots in BLE range and automatically compromise them, creating a robot botnet that spreads without user intervention.”

Initially discovered by security researchers Andreas Makris and Kevin Finisterre, UniPwn takes advantage of several security lapses that are still present in the firmware of Unitree robots as of 20 September 2025. As far as IEEE Spectrum is aware, this is the first major public exploit of a commercial humanoid platform.