PT-2025-43061 · Ghost Robotics · Vision 60

Published: 2025-10-22 · Updated: 2025-10-30 · CVE-2025-41110

CVSS v3.1: 8.8 (High)

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Ghost Robotics Vision 60 version 0.27.2

Description: The Ghost Robotics Vision 60 APK version 0.27.2 contains exposed encrypted WiFi and SSH credentials. An attacker can connect to the robot’s WiFi network and access all its data, as the system operates on ROS 2 without default authentication. Furthermore, an attacker can connect via SSH and gain complete control of the robot, potentially causing physical damage to the robot or its surroundings.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Weakness Enumeration: Missing Authentication, Improper Authentication

Related Identifiers: CVE-2025-41110

Affected Products: Vision 60