PT-2025-39471 · Unitree · Unitree B2+3
Published
2025-09-26
·
Updated
2025-10-05
·
CVE-2025-60251
CVSS v3.1
5.0
Medium
| Vector | AV:A/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L |
Name of the Vulnerable Software and Affected Versions
Unitree Go2, G1, H1, and B2 devices through September 20, 2025
Description
The devices accept any handshake secret containing the substring 'unitree'. This allows unauthorized access and control of the devices.
Recommendations
Update devices to a version after September 20, 2025.
Fix
Missing Authentication
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Unitree B2
Unitree Go 1
Unitree Go2
Unitree H1