A serious vulnerability in the Bluetooth Low Energy (BLE) Wi-Fi configuration interface of several Unitree robots could allow attackers to gain root-level control, researchers disclosed on September 20, 2025. The exploit, dubbed UniPwn, affects Unitree’s Go2 and B2 quadrupeds, as well as G1 and H1 humanoids. Because the flaw operates over wireless connections, it is “wormable,” meaning an infected robot could automatically compromise others within BLE range, creating a self-propagating robot botnet.