BMW

Commercially available Unitree robots are susceptible to multiple vulnerabilities, including hardcoded keys and command injection, allowing attackers to gain root-level access, exfiltrate data, and potentially create physical botnets.

A crafted payload can force memory allocations of up to 16 GB, leading to a denial-of-service condition in applications using the Zserio serialization framework, including those within the automotive Navigation Data Standard (NDS).