Impact
The Unitree Go2 firmware from 1.1.7 through 1.1.11 is vulnerable because the Android application that manages user‑created programs does not validate the integrity of the stored program records. The program definition, in particular its Python code field, is stored in a local SQLite database and later transmitted to the robot, where a server‑side script executes it as root. An attacker who can edit the Android device’s database can inject arbitrary Python that runs when the user triggers a keybinding, and that malicious binding persists across a device reboot. Consequently, a malicious program shared through the community marketplace can execute on any robot that imports and runs it, giving an attacker unrestricted root control of the robot and potentially compromising its communications or command interface.
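The missing control described above is an integrity check on the stored program record before its code is executed. The following is an added illustration, not code from Unitree or from the com.unitree.doggo2 application: it keeps program records in a SQLite table with an HMAC tag over the fields that matter, and the execution gate refuses any record whose tag no longer verifies. The table layout, field names (program_id, name, python_code, tag), key and sample program are all constructed for the example.

```python
import hashlib
import hmac
import json
import sqlite3

# Constructed demo key. In a real deployment this would be provisioned on the
# robot (the side that executes the code), not stored next to the records in
# the Android app's database where an attacker with device access can read it.
ROBOT_KEY = b"constructed-demo-key-not-a-real-secret"

# Assumed record fields; the real schema is not documented on the page.
RECORD_FIELDS = ("program_id", "name", "python_code")


def canonical_bytes(record):
    """Serialize exactly the protected fields in a fixed order so the tag is
    reproducible regardless of dict ordering or whitespace."""
    payload = {k: record[k] for k in RECORD_FIELDS}
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_record(record, key=ROBOT_KEY):
    """Compute the integrity tag covering id, name and code together."""
    return hmac.new(key, canonical_bytes(record), hashlib.sha256).hexdigest()


def verify_record(record, key=ROBOT_KEY):
    """Constant-time comparison of the stored tag against a recomputed one."""
    tag = record.get("tag")
    if not isinstance(tag, str):
        return False
    return hmac.compare_digest(sign_record(record, key), tag)


def create_store():
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE programs (program_id TEXT PRIMARY KEY, name TEXT, "
        "python_code TEXT, tag TEXT)"
    )
    return conn


def save_program(conn, record, key=ROBOT_KEY):
    """Store a record together with its freshly computed tag."""
    tagged = dict(record, tag=sign_record(record, key))
    conn.execute(
        "INSERT OR REPLACE INTO programs VALUES (?, ?, ?, ?)",
        tuple(tagged[k] for k in RECORD_FIELDS + ("tag",)),
    )
    conn.commit()


def load_program(conn, program_id):
    row = conn.execute(
        "SELECT program_id, name, python_code, tag FROM programs WHERE program_id = ?",
        (program_id,),
    ).fetchone()
    return None if row is None else dict(zip(RECORD_FIELDS + ("tag",), row))


def edit_code_directly(conn, program_id, new_code):
    """Simulates an out-of-band edit to the database that bypasses the app and
    therefore never updates the tag."""
    conn.execute("UPDATE programs SET python_code = ? WHERE program_id = ?",
                 (new_code, program_id))
    conn.commit()


def run_if_trusted(record, key=ROBOT_KEY):
    """Robot-side gate: only records with a valid tag reach the interpreter.
    Execution itself is stubbed out; the return value records the decision."""
    if record is None or not verify_record(record, key):
        return "rejected"
    return "executed"


def demo():
    conn = create_store()
    original = {"program_id": "p1", "name": "wave", "python_code": "robot.wave()"}
    save_program(conn, original)
    before = run_if_trusted(load_program(conn, "p1"))          # "executed"
    # Constructed substitute text; the point is that any change is detected.
    edit_code_directly(conn, "p1", "robot.sit()")
    after = run_if_trusted(load_program(conn, "p1"))           # "rejected"
    return before, after


if __name__ == "__main__":
    print(demo())
```

Two design points follow from where the page locates the flaw. The check must be enforced by the robot-side script that performs the execution, because a check inside the Android app can be bypassed by editing the database the app reads. And the key must not live in that database or in the app's reach: a tag computed with a key the attacker can also read only detects accidental corruption. Programs imported from the marketplace need the same treatment, tagged by a key the robot trusts only after the program has passed whatever review the marketplace applies.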
Affected Systems
The vulnerability affects Unitree Robotics’ Unitree Go2 robot running firmware versions 1.1.7 through 1.1.11. The Android client application com.unitree.doggo2 is required for the attack to be possible, so any robot on the affected firmware that is managed through the application carries the risk.
Risk and Exploitability
The CVSSv3 base score of 6.4 places the issue in the medium severity range, while the EPSS score of less than 1% suggests that exploitation is currently unlikely. The vulnerability is not listed in the CISA KEV catalogue. Even so, the risk to any deployment running the flawed firmware remains significant: an attacker with local access to the Android device could plant code that is then executed with root privileges on the robot. If the marketplace feature is enabled, community sharing of unreviewed programs provides a further attack vector that could reach any robot capable of importing such code.
OpenCVE Enrichment