Assessment
CFSE Consequence Paths assesses Unitree Go2 Android-app database tampering RCE (CVE-2026-27510) at CRITICAL — the worst of 2 risk paths (safety, perception). The dominant consequence is exposure of sensor or biometric data.
Vulnerability
Unitree Go2 Android-app database tampering RCE (CVE-2026-27510). Reported attack vector: Local (rooted Android device with app DB access).
CFSE Consequence Paths analysis
The vulnerability is decomposed into one risk path per terminal consequence. Each path is scored on its exposure (reachability × execution complexity) and the authority, perception, and physical/safety it reaches, together with its scale of reuse, scale of execution, and recoverability.
DEVICE_CONTROL_SAFETY → HIGH
CPATH:1.0-candidate/TT:DEVICE_CONTROL_SAFETY/RE:3/EC:2/EX:2/PH:3/DP:3/AT:3/CH:3/SR:3/SX:1/OR:3/EV:3/LS:PATCH_AVAILABLE
Exposure EX=2 (execution complexity-bound) · bands PH=HIGH · DP=HIGH · AT=HIGH → base HIGH → assessed HIGH.
- Attacker uses their own rooted Android device + ADB to extract, tamper, and restore the app’s SQLite DB (own artifact / privileged access to a controlling phone, no victim hardware touched) -> RE:3. EC:2 advanced-but-reproducible: needs rooted device, DB manipulation, and the operator to trigger the keybinding; researcher demonstrated full chain. AT:3 root-level command execution on the robot via the actuator_manager path (device command/firmware-level authority, not a signing/OTA root, so not 4). PH:3 root + motion control yields direct unsafe actuation and bystander safety risk; credible but not demonstrated injury/life-support so 3 not 4. DP:3 root grants sensor/firmware/op-state access. CH:3 crosses app -> device/physical -> safety boundaries (boundary_crossing true) but not a reusable cross-domain key bridge. SR:3 same systemic root cause (no robot-side content validation) generalizes across affected units, but it is a shared design flaw not a portable key/default cred (not 4). SX:1 per-device: each exploit needs a rooted operator phone and physical/privileged access, not wormable. OR:3 real fix is robot-side validation of uploaded Python; app DB hardening insufficient; cleanup needs removing tampered dog_programme entries, but no fleet recall/signing-root rotation so not 4. EV:3 reproduced.
- perception_feeds_action — false: this path is actuation, not exposed perception driving action.
- active_exploitation — false (alternate-path research disclosure).
PERCEPTION_PRIVACY → CRITICAL
CPATH:1.0-candidate/TT:PERCEPTION_PRIVACY/RE:3/EC:2/EX:2/PH:3/DP:4/AT:3/CH:2/SR:3/SX:1/OR:3/EV:2/LS:PATCH_AVAILABLE
Exposure EX=2 (execution complexity-bound) · bands PH=HIGH · DP=CRITICAL · AT=HIGH → base CRITICAL · caps privacy-only cap → assessed CRITICAL.
- Same access and injection chain (RE:3 own rooted phone / app DB, EC:2 reproducible-but-advanced) gives root on the robot, which grants live camera and sensor access for exfiltration. DP:4 live-camera / spatial sensor state. AT:3 root execution authority enabling the read. PH:1 privacy exfiltration is at most a nuisance to physical safety on this path. CH:2 enables further access but is not a reusable cross-domain authority bridge;
- boundary_crossing — true (device -> app/exfil). SR:3 systemic no-validation root cause generalizes across units; not a portable key. SX:1 per-device, needs rooted operator phone each time, not wormable. OR:3 same robot-side validation fix and entry cleanup, no fleet rotation. EV:2 report-backed: exfil is described as a capability of root but the primary demonstrated impact was code execution, not the camera exfil itself.
- perception_feeds_action — false: the exposed perception is exfiltrated data, not feeding the robot’s own physical/navigation action on this path.
- active_exploitation — false.
Published baseline
- v4.0 6.4 MEDIUM —
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X — VulnCheck via NVD
- v3.1 9.6 CRITICAL —
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H — VulnCheck via NVD
- v3.1 8.8 HIGH —
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H — NVD
The published baseline above is retained for source review. Paths decomposes the consequence into authority, perception, safety, scale, and recoverability paths rather than using the baseline score as the primary registry frame.
Sources