← Back to CVEs

CVE-2022-2675

MEDIUM

6.5

Description

Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1.

CVE Details

CVSS v3.1 Score6.5

SeverityMEDIUM

CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack VectorADJACENT_NETWORK

ComplexityLOW

Privileges RequiredNONE

User InteractionNONE

Published8/5/2022

Last Modified11/21/2024

Sourcenvd

Honeypot Sightings0

Affected Products

unitree:go_1unitree:go_1_firmware

Weaknesses (CWE)

CWE-285

References

https://fccid.io/2A5PE-YUSHU001/Users-Manual/User-Manual-5810729(cve@rapid7.com)

https://twitter.com/d0tslash/status/1555326302462394370(cve@rapid7.com)

https://www.mybotshop.de/Datasheet/Unitree_A1_User_Manual_v1.0.pdf(cve@rapid7.com)

https://fccid.io/2A5PE-YUSHU001/Users-Manual/User-Manual-5810729(af854a3a-2127-422b-91ae-364da2661108)

https://twitter.com/d0tslash/status/1555326302462394370(af854a3a-2127-422b-91ae-364da2661108)

https://www.mybotshop.de/Datasheet/Unitree_A1_User_Manual_v1.0.pdf(af854a3a-2127-422b-91ae-364da2661108)

IOC Correlations

No correlations recorded

This product uses data from the NVD API but is not endorsed or certified by the NVD.