CVE-2026-27509
Published: 26 February 2026
Summary
CVE-2026-27509 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Unitree Go2 Firmware. Its CVSS base score is 8.5 (High).
Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 37.7th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.
The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-3 (Device Identification and Authentication).
Deeper analysis
CVE-2026-27509 affects Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU), stemming from a lack of DDS authentication or authorization in the Eclipse CycloneDDS topic rt/api/programming_actuator/request, which is handled by actuator_manager.py. This vulnerability, classified under CWE-306 (Missing Authentication for Critical Function), has a CVSS v3.1 base score of 8.0 (AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). It was published on 2026-02-26.
A network-adjacent, unauthenticated attacker can exploit this by joining DDS domain 0 and publishing a crafted message with api_id=1002 containing arbitrary Python code. The Unitree Go2 robot processes this message by writing the code to disk under /unitree/etc/programming/ and binding it to a physical controller keybinding. When the keybinding is pressed, the code executes with root privileges, and the binding persists across reboots, enabling high-impact confidentiality, integrity, and availability violations.
Advisories and additional details are available in the following references: https://boschko.ca/unitree-go2-rce/, https://shop.unitree.com/products/unitree-go2, and https://www.vulncheck.com/advisories/unitree-go2-missing-dds-authentication-enables-adjacent-rce.
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2026-8881
Vulnerability details
Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publish a crafted message (api_id=1002) containing arbitrary Python, which the robot writes to disk under /unitree/etc/programming/ and binds to a physical controller keybinding. When the keybinding is pressed, the code executes as root and the binding persists across reboots.
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
Missing DDS authentication enables unauthenticated network-adjacent publishing to actuator_manager.py, directly facilitating T1190 exploitation of the exposed service and T1059.006 execution of attacker-supplied Python code that achieves root persistence.
Mitigating Controls
Mitigating Controls (NIST 800-53 r5)
Directly enforces authentication and authorization on the rt/api/programming_actuator/request DDS topic before actuator_manager.py accepts or writes the api_id=1002 Python payload.
Requires cryptographic or equivalent device identification before any participant can join DDS domain 0 and publish to the unauthenticated programming_actuator topic.
Boundary-protection rules can restrict DDS traffic to only authorized adjacent hosts, blocking the network-adjacent unauthenticated attacker path described in the CVE.
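The boundary-protection control above, worked through as an added example (not code from the advisory or the vendor): it derives the UDP ports that RTPS uses for DDS domain 0 and renders nftables rules that accept that traffic only from an allowlist. The port parameters are the DDSI-RTPS specification defaults and are assumed unchanged on the deployment; the 192.0.2.x addresses, the participant-ID limit and the `inet filter input` chain name are constructed placeholders.

```python
"""Added example: RTPS port range for a DDS domain, rendered as nftables
rules that accept DDS traffic only from allowlisted hosts."""
import ipaddress

# Default port-mapping parameters from the OMG DDSI-RTPS specification
# (assumption: the deployment being protected has not overridden them).
PB, DG, PG = 7400, 250, 2
D0, D1, D2, D3 = 0, 10, 1, 11
MAX_PARTICIPANTS = 120  # assumption: participant IDs 0..119 per domain


def rtps_ports(domain_id, participant_id):
    """Return the four well-known RTPS UDP ports for one participant."""
    base = PB + DG * domain_id
    return {
        "discovery_multicast": base + D0,
        "user_multicast": base + D2,
        "discovery_unicast": base + D1 + PG * participant_id,
        "user_unicast": base + D3 + PG * participant_id,
    }


def domain_port_range(domain_id, max_participants=MAX_PARTICIPANTS):
    """Lowest and highest UDP port any participant of the domain can use."""
    low = rtps_ports(domain_id, 0)["discovery_multicast"]
    high = rtps_ports(domain_id, max_participants - 1)["user_unicast"]
    return low, high


def render_nft_rules(domain_id, allowed_hosts, chain="inet filter input"):
    """Render nft script lines: allowlisted sources accepted, the rest dropped."""
    # De-duplicate and validate; a malformed address raises ValueError here.
    hosts = sorted({ipaddress.IPv4Address(h) for h in allowed_hosts})
    if not hosts:
        raise ValueError("empty allowlist would render an invalid empty set")
    low, high = domain_port_range(domain_id)
    allow = ", ".join(str(h) for h in hosts)
    return [
        f"add rule {chain} udp dport {low}-{high} ip saddr {{ {allow} }} accept",
        f"add rule {chain} udp dport {low}-{high} counter drop",
    ]


if __name__ == "__main__":
    # Constructed allowlist (documentation address range), DDS domain 0.
    for rule in render_nft_rules(0, ["192.0.2.10", "192.0.2.11"]):
        print(rule)
```

The rendered lines can be loaded with `nft -f` on a filtering host whose table and chain already exist. Source-address filtering narrows who can reach domain 0 but does not authenticate a DDS participant, so it complements rather than replaces the access-enforcement and device-identification controls.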