Published: September 29, 2025
Estimated Reading Time: 2 minutes
Unitree Robotics Tackles Bluetooth Security Flaws in Key Robot Models
Unitree Robotics, a prominent Chinese robotics manufacturer, has recently addressed significant Bluetooth vulnerabilities affecting several of its popular robots, including the Go2, G1, H1, and B2 models. The company has resolved the majority of these security issues and is preparing to roll out a comprehensive software update to enhance protection.
Background on the Bluetooth Security Concerns
On September 20, 2025, cybersecurity researchers revealed critical weaknesses in the Bluetooth Low Energy (BLE) Wi-Fi configuration of Unitree’s robots. These flaws potentially allowed attackers to wirelessly infiltrate and seize control of the affected units. Notably, the vulnerabilities exhibited a “worm-like” behavior, enabling compromised robots to autonomously scan for and infect other Unitree robots within Bluetooth range, potentially creating a self-propagating botnet without any human intervention.
Unitree’s Response and Security Measures
In response to these revelations, Unitree Robotics issued a statement on September 29, 2025, confirming that most of the identified vulnerabilities have been patched. The company emphasized that its robots are primarily designed to operate offline by default, requiring explicit user permission to connect to the internet. When connected, the robots only transmit minimal data such as serial numbers and operational health metrics to servers located in Singapore or regional data centers. This approach is intended to safeguard user privacy by preventing unauthorized collection of sensitive information.
Furthermore, Unitree committed to enhancing its permission management system to prevent any future misunderstandings regarding data access and connectivity. This proactive stance aims to bolster user trust and reinforce the security framework of their robotic platforms.
Historical Context and Industry-Wide Challenges
This is not the first time Unitree has confronted security challenges. In July 2022 and again in early September 2025, the company addressed incidents involving unauthorized access to management keys for a third-party cloud service linked to the discontinued Go1 robot model. Hackers exploited these keys to manipulate data and gain control over affected units. Importantly, this cloud service was phased out in newer models, which remain unaffected by these breaches.
Industry experts note that Unitree is not alone in facing such vulnerabilities. The risk posed by unsecured robots is a growing concern across the robotics sector, yet many companies tend to underreport or avoid public discussions about these security threats. As robotics technology becomes increasingly integrated into daily life and industry, addressing these risks transparently is crucial for the safe deployment of autonomous systems.
Looking Ahead: Strengthening Robot Security
With the upcoming software update, Unitree Robotics aims to set a new standard for security in consumer and commercial robotics. By prioritizing robust encryption, improved access controls, and transparent data policies, the company hopes to mitigate risks associated with wireless exploitation and unauthorized control.
As of 2025, the global robotics market continues to expand rapidly, with an estimated 30% annual growth in autonomous robot deployments across manufacturing, logistics, and service sectors. This growth underscores the importance of securing robotic platforms against emerging cyber threats to protect users and maintain operational integrity.
