CVE-2025-41109
published 2025-10-22CVE-2025-41109: Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors and a USB Type-C port. The vulnerability is due to the lack of…
PriorityP429medium4.6CVSS 3.1
AVPACLPRNUINSUCHINAN
EPSS
0.60%
44.2th percentile
Ghost Robotics Vision 60 v0.27.2 includes, among its physical interfaces, three RJ45 connectors and a USB Type-C port. The vulnerability is due to the lack of authentication mechanisms when establishing connections through these ports. Specifically, with regard to network connectivity, the robot's internal router automatically assigns IP addresses to any device physically connected to it. An attacker could connect a WiFi access point under their control to gain access to the robot's network without needing the credentials for the deployed network. Once inside, the attacker can monitor all its data, as the robot runs on ROS 2 without authentication by default.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ghost_robotics | vision_60 | — | — |
| ghostrobotics | vision_60_firmware | — | — |
CVSS provenance
nvdv3.14.6MEDIUMCVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
nvdv4.08.7HIGHCVSS:4.0/AV:A/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
arXiv
Cybersecurity of Teleoperated Quadruped Robots: A Systematic Survey of Vulnerabilities, Threats, and Open Defense Gaps
arxiv_fulltext·2026-02-26
Cybersecurity of Teleoperated Quadruped Robots: A Systematic Survey of Vulnerabilities, Threats, and Open Defense Gaps
Cybersecurity of Teleoperated Quadruped Robots: A Systematic Survey of Vulnerabilities, Threats, and Open Defense Gaps
Mohammad Sabouri\,0000-0002-2568-3253
Department of Informatics, Bioengineering,
Robotics and Systems Engineering (DIBRIS)
University of Genoa
Genoa, Italy
[email protected]
## Abstract
Teleoperated quadruped robots are increasingly deployed in
safety-critical missions---industrial inspection, military
reconnaissance, and emergency response---yet the security of
communication and control infrastructure linking operators to
remote platforms remains insufficiently characterized. Quadrupeds
present distinct security challenges arising from dynamic stability
constraints, gait-dependent vulnerability windows, substantial
kinetic energy, and elevated operator cog
arXiv
Procedimiento de auditoría de ciberseguridad para sistemas autónomos: metodología, amenazas y mitigaciones
arxiv_fulltext·2025-11-07
Procedimiento de auditoría de ciberseguridad para sistemas autónomos: metodología, amenazas y mitigaciones
## Abstract
El despliegue de sistemas autónomos ha experimentado un crecimiento notable en los últimos años, impulsado por su integración en sectores como la industria, la medicina, la logística o el ámbito doméstico. Esta expansión llega acompañada de una serie de problemas de seguridad que adquieren un elevado riesgo debido a la criticidad de los sistemas autónomos, especialmente aquellos que operan en entornos de interacción con humanos. Además, el avance tecnológico y la elevada complejidad operacional y arquitectónica de los sistemas autónomos tiene como consecuencia un aumento en su superficie de ataque. En este artículo se presenta un procedimiento específico de auditoría de seguridad para sistemas autónomos, basado en una metodología estructurada por capas, una taxonomía de amenaz
2025-10-22
Published