
CVE-2025-60251: CWE-306 Missing Authentication for Critical Function in Unitree Go2

Severity: Medium
Type: Vulnerability
Tags: CVE-2025-60251, cve, cve-2025-60251, cwe-306
Published: Fri Sep 26 2025 (09/26/2025, 00:00:00 UTC)
Source: CVE Database V5
Vendor/Project: Unitree
Product: Go2

Description

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 accept any handshake secret with the unitree substring.

AI-Powered Analysis

Last updated: 09/26/2025, 01:19:16 UTC

Technical Analysis

CVE-2025-60251 is a vulnerability in Unitree robotic devices, specifically the Go2, G1, H1, and B2 models, affecting firmware versions dated up to and including 2025-09-20. It is classified under CWE-306, Missing Authentication for Critical Function. The devices accept any handshake secret containing the substring "unitree" without properly verifying it, so an attacker who can initiate a handshake with the device and provide a secret containing "unitree" can bypass authentication controls. This allows unauthorized entities to interact with the device's critical functions, potentially leading to unauthorized control or manipulation.

The CVSS v3.1 base score is 5.0 (medium severity). The vector indicates that the attack requires adjacent network access (AV:A), high attack complexity (AC:H), no privileges required (PR:N), no user interaction (UI:N), unchanged scope (S:U), and low impact on confidentiality, integrity, and availability (C:L/I:L/A:L). Although the impact on confidentiality, integrity, and availability is rated low, the lack of proper authentication on critical functions can lead to unauthorized command execution or data manipulation, which is significant in robotic systems that may perform physical actions.

No patches or known exploits in the wild have been reported as of the publication date. The vulnerability highlights a fundamental security design flaw in the authentication mechanism of Unitree devices, potentially exposing them to unauthorized access and control by attackers within network range.

Potential Impact

For European organizations deploying Unitree robotic devices such as Go2, G1, H1, and B2, this vulnerability poses a risk of unauthorized access to robotic systems. These devices are often used in research, industrial automation, logistics, and other operational environments. An attacker exploiting this vulnerability could issue unauthorized commands, potentially causing operational disruptions, safety hazards, or data integrity issues. Although the CVSS score rates the impact as low to medium, the physical nature of robotic devices elevates the risk, as unauthorized control could lead to physical damage or safety incidents. European organizations with these devices connected to internal or adjacent networks are at risk, especially if network segmentation or additional authentication layers are not implemented. The absence of known exploits suggests limited current active exploitation, but the vulnerability's simplicity (accepting any handshake secret with "unitree") means it could be easily exploited by insiders or attackers with network access. This could affect sectors such as manufacturing, research institutions, and logistics companies that rely on these robots for automation and operational efficiency.

Mitigation Recommendations

1. Network Segmentation: Isolate Unitree devices on dedicated network segments with strict access controls to limit exposure to adjacent network attackers.
2. Access Control: Implement strict network access controls and monitoring to detect unauthorized handshake attempts or unusual communication patterns with Unitree devices.
3. Vendor Coordination: Engage with Unitree to obtain firmware updates or patches addressing this authentication flaw as soon as they become available.
4. Custom Authentication Layer: Where possible, deploy additional authentication mechanisms at the network or application layer to supplement the device's weak handshake authentication.
5. Physical Security: Ensure physical security controls to prevent unauthorized local network access to the devices.
6. Monitoring and Logging: Enable detailed logging of device interactions and monitor for handshake attempts containing the "unitree" substring or other suspicious activity.
7. Incident Response Preparedness: Prepare incident response plans specific to robotic device compromise scenarios to quickly contain and remediate potential exploitation.
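The substring acceptance described in the Technical Analysis and the supplementary authentication layer of recommendation 4 can be contrasted in code. This is an added example, not Unitree firmware or vendor code: `weak_accept` models the reported flaw class, and `ChallengeVerifier` is one hypothetical gateway-side design (an HMAC challenge-response, which goes beyond what the advisory specifies). The key and all names are constructed for illustration.

```python
import hashlib
import hmac
import secrets

# Constructed per-device key for this example; not a real Unitree credential.
DEVICE_KEY = b"constructed-per-device-key-0001"


def weak_accept(secret: bytes) -> bool:
    """Model of the reported flaw: any secret containing 'unitree' passes."""
    return b"unitree" in secret


def respond(key: bytes, nonce: bytes) -> bytes:
    """Client side: prove knowledge of the key without sending it."""
    return hmac.new(key, nonce, hashlib.sha256).digest()


class ChallengeVerifier:
    """Gateway side: fresh nonce per handshake, full-value constant-time check."""

    def __init__(self, key: bytes) -> None:
        self._key = key
        self._pending = set()  # nonces issued but not yet answered

    def challenge(self) -> bytes:
        nonce = secrets.token_bytes(16)
        self._pending.add(nonce)
        return nonce

    def verify(self, nonce: bytes, response: bytes) -> bool:
        if nonce not in self._pending:
            return False  # unknown or already-used nonce: reject replays
        self._pending.discard(nonce)  # single use, even when the check fails
        expected = respond(self._key, nonce)
        return hmac.compare_digest(expected, response)


def demo() -> dict:
    """Run both checks on constructed inputs and return the outcomes."""
    gw = ChallengeVerifier(DEVICE_KEY)
    n1, n2 = gw.challenge(), gw.challenge()
    good = respond(DEVICE_KEY, n1)
    return {
        "weak_marker_only": weak_accept(b"xx-unitree-xx"),
        "weak_real_key": weak_accept(DEVICE_KEY),
        "strong_valid": gw.verify(n1, good),
        "strong_replay": gw.verify(n1, good),
        "strong_marker_key": gw.verify(n2, respond(b"unitree", n2)),
    }
```

The substring check passes a value that merely contains the marker and fails the constructed key, so it verifies nothing about the caller. The challenge-response verifier accepts only a response computed with the full key over a fresh nonce.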


Technical Details

Data Version: 5.1
Assigner Short Name: mitre
Date Reserved: 2025-09-26T00:00:00.000Z
Cvss Version: 3.1
State: PUBLISHED

Threat ID: 68d5e6869e21be37e938873f

Added to database: 9/26/2025, 1:04:06 AM

Last enriched: 9/26/2025, 1:19:16 AM

Last updated: 9/26/2025, 1:50:43 AM
