Horrible news: exploit found in Humanoid robots capable of 'creating a robot botnet that spreads without user intervention' over Bluetooth
The only thing more haunting than a robot that can hack other robots is a robot that can hack other robots, which can also walk. An author claims that humanoid robots from manufacturer Unitree are vulnerable to an exploit that embeds "themselves on the devices and then infect the next devices in range", and it's estimated to affect the entire new generation product line.
This is all according to Andreas Makris, aka Bin4ryDigit on X, and Kevin Finisterre (via Hackaday). They have a GitHub page going over their findings, as well as their attempts to reach out to Unitree. Bin4ryDigit claims UniPwn (the exploit) is "the first public exploit of humanoid robots".
The GitHub shows that the security handshake made between devices is "laughably simple", with it just looking for "unitree" in encrypted packets. This means that, should it be asked to receive data, it checks if the other user is authenticated with a simple string. Once connected, it checks the serial number, initialises the Wi-Fi mode, and sets the country code.
Within this grouping of activities, bad actors can inject payloads, which ultimately allows them to give commands with root privileges, ie taking control.
What makes this specific exploit dangerous is that it can execute commands like injecting malware, and it can even be used to spread to other nearby robots. The GitHub states, "An infected robot can simply scan for other Unitree robots in BLE range and automatically compromise them, creating a robot botnet that spreads without user intervention." BLE standing for Bluetooth Low Energy, the modern Bluetooth specification.
Here it is, the first public exploit of Humanoid Robots from @d0tslash and me:https://t.co/8jHPDHTvqcBut this vulnerability is present in the whole new generation product line of @UnitreeRobotics . The vulnerability is even wormable, an attacker can not only take over the…September 20, 2025
Those who spotted the hack claim to have reached out via multiple emails, where "Unitree showed no meaningful engagement or interest in addressing the security issues". This report claims "No acknowledgment or remediation timeline was provided."
Bin4ryDigit states they have "followed responsible disclosure practices and are working with Unitree to address these issues."
Though in the days since the report went public, Unitree has since responded with a statement on its LinkedIn. In it, it says that it has "completed the majority of fixes."
"We have become aware that some users have discovered security vulnerabilities and network-related issues while using our robots. We immediately began addressing these concerns and have now completed the majority of the fixes. These updates will be rolled out to you in the near future.
"At Unitree, we have always placed great emphasis not only on protecting user privacy but also on ensuring the cybersecurity and information security of our products and systems. Without user authorization, we do not collect any private or sensitive data. We are committed to continuously improving and refining our products to provide you with safer and more reliable solutions. Additionally, we will adopt more advanced technical solutions to eliminate vulnerabilities and concerns."
The statement continues, "Thank you for your supervision and for helping us identify vulnerabilities. Let's work together to advance progress in the field of intelligent robot safety."
"Unitree, as other manufacturers do, has simply ignored prior security disclosures and repeated outreach attempts", claims Víctor Mayoral-Vilches, the founder of robotics cybersecurity company Alias Robotics (via Spectrum). Mayoral-Vilches ran a workshop this week at the IEEE Humanoids Conference in Seoul titled "Humanoid Robots as Attack Vectors", which is truly a horrible phrase.
If you're wondering where you know the name Unitree, it has popped up for a few rather strange purposes over the last year or so. Here are just a couple of reasons why:
- Playfully named 'uncle bot' on social media because of its clothes, one was spotted frolicking around China
- A version of its robot dog did handstands at CES 2025
- One went on sale this year for $6,000, which looked very similar to one spotted falling over on Reddit
- Some Unitree robots took part in the first robot martial arts tournament.
I much prefer when robots are wearing funny clothes and falling over, rather than creating networks of walking hacking machines, but I don't know about you.