PT-2025-39470 · Unknown · Unitree B2+3
Published
2025-09-26
·
Updated
2025-10-05
·
CVE-2025-60250
CVSS v3.1
4.7
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Unitree Go2, G1, H1, and B2 devices through 2025-09-20
Description
The devices decrypt Bluetooth Low Energy (BLE) packet data using a fixed key (
df98b715d5c6ed2b25817b6f2554124a) and Initialization Vector (IV) (2841ae97419c2973296a0d4bdfe19a4f). This allows for decryption of BLE packet data.Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unitree B2
Unitree Go 1
Unitree Go2
Unitree H1