CVE-2022-2675

medium

Description

Using off-the-shelf commodity hardware, the Unitree Go 1 robotics platform version H0.1.7 and H0.1.9 (using firmware version 0.1.35) can be powered down by an attacker within normal RF range without authentication. Other versions may be affected, such as the A1.

References

Advisories

https://www.mybotshop.de/Datasheet/Unitree_A1_User_Manual_v1.0.pdf

https://twitter.com/d0tslash/status/1555326302462394370

https://fccid.io/2A5PE-YUSHU001/Users-Manual/User-Manual-5810729

Details

Source: Mitre, NVD

Published: 2022-08-05

Updated: 2023-06-28

Risk Information

CVSS v2

Base Score: 6.1

Vector: CVSS2#AV:A/AC:L/Au:N/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Severity: Medium

EPSS

EPSS: 0.00034