Overview
- Description
- Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1.
- Source
- cve@rapid7.com
- NVD status
- Analyzed
Risk scores
CVSS 3.1
- Type
- Primary
- Base score
- 6.5
- Impact score
- 3.6
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
- Severity
- MEDIUM
Weaknesses
- nvd@nist.gov
- NVD-CWE-Other
- cve@rapid7.com
- CWE-285
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:unitree:go_1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "8C77CEE9-1D52-4232-B246-2DD22AB67164",
"versionEndIncluding": "0.1.35"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:unitree:go_1:h0.1.7:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "D11F4C4B-BBC2-4DEF-B007-F4A41B63B73F"
}
],
"operator": "OR"
}
],
"operator": "AND"
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:unitree:go_1_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "769D23CA-EB8D-47AB-BA82-80171020F1F2",
"versionEndExcluding": "0.1.35"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:unitree:go_1:h0.1.9:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "A1B1F3C7-D3F5-4390-9C53-DFF17EE6DA3A"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]