Cyber Resilience

CVE-2026-27509

High · Public PoC

Published: 26 February 2026

Modified: 26 May 2026
CVSS Score v4 8.5 CVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
EPSS Score 0.0048 37.7th percentile
Risk Priority 55 floored blend · peak EPSS

Summary

CVE-2026-27509 is a high-severity Missing Authentication for Critical Function (CWE-306) vulnerability in Unitree Go2 Firmware. Its CVSS base score is 8.5 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploit Public-Facing Application (T1190). The CVE ranks at the 37.7th percentile by exploit likelihood (below the median), is not currently listed in the CISA KEV catalog, and has a public proof-of-concept referenced.

The strongest mitigations our analysis identified are NIST 800-53 AC-3 (Access Enforcement) and IA-3 (Device Identification and Authentication).

Deeper analysis

CVE-2026-27509 affects Unitree Go2 firmware versions V1.1.7 through V1.1.9 and V1.1.11 (EDU), stemming from a lack of DDS authentication or authorization in the Eclipse CycloneDDS topic rt/api/programming_actuator/request, which is handled by actuator_manager.py. This vulnerability, classified under CWE-306 (Missing Authentication for Critical Function), has a CVSS v3.1 base score of 8.0 (AV:A/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H). It was published on 2026-02-26.

A network-adjacent, unauthenticated attacker can exploit this by joining DDS domain 0 and publishing a crafted message with api_id=1002 containing arbitrary Python code. The Unitree Go2 robot processes this message by writing the code to disk under /unitree/etc/programming/ and binding it to a physical controller keybinding. When the keybinding is pressed, the code executes with root privileges, and the binding persists across reboots, enabling high-impact confidentiality, integrity, and availability violations.

Advisories and additional details are available in the following references: https://boschko.ca/unitree-go2-rce/, https://shop.unitree.com/products/unitree-go2, and https://www.vulncheck.com/advisories/unitree-go2-missing-dds-authentication-enables-adjacent-rce.

Vulnerability details

Unitree Go2 firmware versions V1.1.7 through V1.1.9, and V1.1.11 (EDU) do not implement DDS authentication or authorization for the Eclipse CycloneDDS topic rt/api/programming_actuator/request handled by actuator_manager.py. A network-adjacent, unauthenticated attacker can join DDS domain 0 and publish a crafted message (api_id=1002) containing arbitrary Python, which the robot writes to disk under /unitree/etc/programming/ and binds to a physical controller keybinding. When the keybinding is pressed, the code executes as root and the binding persists across reboots.

Related Threats

MITRE ATT&CK Enterprise Techniques (AI)

T1190 Exploit Public-Facing Application (Initial Access)
Adversaries may attempt to exploit a weakness in an Internet-facing host or system to initially access a network.
T1059.006 Python (Execution)
Adversaries may abuse Python commands and scripts for execution.
Why these techniques?

Missing DDS authentication enables unauthenticated network-adjacent publishing to actuator_manager.py, directly facilitating T1190 exploitation of the exposed service and T1059.006 execution of attacker-supplied Python code that achieves root persistence.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-27510: Same product: Unitree Go2
CVE-2026-42796: Shared CWE-306
CVE-2026-4810: Shared CWE-306
CVE-2025-53847: Shared CWE-306
CVE-2025-61757: Shared CWE-306
CVE-2025-68715: Shared CWE-306
CVE-2026-21992: Shared CWE-306
CVE-2025-26362: Shared CWE-306
CVE-2026-48692: Shared CWE-306
CVE-2022-50981: Shared CWE-306

Affected Assets

unitree go2 firmware: 1.1.7 to 1.1.9
unitree go2 edu firmware: 1.1.11

Mitigating Controls

Mitigating Controls (NIST 800-53 r5) AI

prevent

Directly enforces authentication and authorization on the rt/api/programming_actuator/request DDS topic before actuator_manager.py accepts or writes the api_id=1002 Python payload.

prevent

Requires cryptographic or equivalent device identification before any participant can join DDS domain 0 and publish to the unauthenticated programming_actuator topic.

prevent

Boundary-protection rules can restrict DDS traffic to only authorized adjacent hosts, blocking the network-adjacent unauthenticated attacker path described in the CVE.
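
The boundary-protection control above, as an added example (not from the advisory or from Unitree): a Python check that flags UDP flows aimed at the RTPS ports of DDS domain 0 when the sender is not on an allowlist. It assumes the DDSI-RTPS default port mapping; the allowlist, addresses and flow records are constructed for illustration.

```python
from ipaddress import ip_address

# DDSI-RTPS default port-mapping parameters. Assumption: the deployment keeps
# these defaults; a DDS configuration can override them.
PB, DG, PG = 7400, 250, 2
D0, D1, D2, D3 = 0, 10, 1, 11


def rtps_ports(domain_id, max_participants=8):
    """Map each well-known RTPS UDP port of a domain to its role."""
    base = PB + DG * domain_id
    ports = {base + D0: "discovery-multicast", base + D2: "user-multicast"}
    for pid in range(max_participants):
        ports[base + D1 + PG * pid] = f"discovery-unicast[{pid}]"
        ports[base + D3 + PG * pid] = f"user-unicast[{pid}]"
    return ports


def unauthorized_dds_flows(flows, allowed_hosts, domain_id=0):
    """Return (src, dst, port, role) for RTPS flows from non-allowlisted hosts."""
    ports = rtps_ports(domain_id)
    allowed = {ip_address(h) for h in allowed_hosts}
    findings = []
    for proto, src, dst, dport in flows:
        if proto != "udp" or dport not in ports:
            continue  # not RTPS traffic for this domain
        if ip_address(src) not in allowed:
            findings.append((src, dst, dport, ports[dport]))
    return findings


# Constructed sample data: documentation addresses (192.0.2.0/24), not real hosts.
ALLOWED = ["192.0.2.10", "192.0.2.20"]  # hypothetical robot and operator station
SAMPLE_FLOWS = [
    ("udp", "192.0.2.10", "239.255.0.1", 7400),  # robot discovery announcement
    ("udp", "192.0.2.20", "192.0.2.10", 7410),   # operator discovery traffic
    ("udp", "192.0.2.77", "239.255.0.1", 7400),  # unknown host joins discovery
    ("udp", "192.0.2.77", "192.0.2.10", 7411),   # unknown host sends user data
    ("tcp", "192.0.2.77", "192.0.2.10", 7400),   # TCP, ignored
    ("udp", "192.0.2.77", "192.0.2.10", 53),     # non-RTPS port, ignored
]

if __name__ == "__main__":
    for finding in unauthorized_dds_flows(SAMPLE_FLOWS, ALLOWED):
        print("unauthorized DDS participant traffic:", finding)
```

A DDS implementation configured to use ephemeral unicast ports will only match the multicast entries, so the discovery-multicast port is the more dependable signal.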

References