Alarming: Unitree G1 streams data in 5s; China holds 70% supply chain


Allegations that the Unitree G1 establishes telemetry streams to Chinese servers within five seconds of startup have ignited fresh scrutiny of data governance around humanoid robots in the workplace, according to new security reporting in October 2025 [2]. In parallel, a wormable Bluetooth Low Energy (BLE) exploit disclosed 20 September enables root takeover and rapid spread across Unitree models, compounding fleet-level risks, researchers and trade press warn [1][3]. With analysts estimating China controls 70% of humanoid-robot supply chains and annual sales could reach one million units by 2030, the strategic exposure is no longer theoretical [4].

Key Takeaways

– Reveals Unitree G1 establishes telemetry within 5 seconds and auto-reconnects, streaming AV and sensor data to Chinese servers without user consent [2]
– Demonstrates UniPwn BLE flaw disclosed 20 September enables root takeover and wormable spread across Go2, B2, G1 and H1 fleets within minutes [1]
– Indicates proof-of-concept code appeared in early October 2025; hardcoded keys ease botnet creation; vendor later said most issues were fixed [3]
– Suggests China controls 70% of robot supply chains and annual humanoid sales could hit 1,000,000 units by 2030, magnifying risk [4]
– Shows public-sector pilots face scrutiny: Taipei’s 28 August 2025 Unitree patrol robot purchase drew “Trojan horse” warnings and security reviews [5]

What researchers found about Unitree G1 telemetry

Security Boulevard reports the Unitree G1 initiates a persistent telemetry session within five seconds of boot, then automatically reconnects if interrupted, without soliciting user consent [2]. The data reportedly includes live audio, video and multi-sensor feeds, streamed to servers located in China, raising immediate questions about corporate confidentiality and cross-border data transfers [2]. Researchers cited in the report warn that this persistent exfiltration pathway could violate GDPR and CCPA, especially in environments where employees and customers are recorded by default [2]. The G1’s Intel RealSense cameras and two microphones provide the raw inputs that make covert corporate surveillance technically trivial once connectivity is established, the report adds [2].

UniPwn exploit puts Unitree G1 fleets at risk

The telemetry allegation lands the same month as UniPwn, a wormable BLE vulnerability disclosed 20 September by researchers Andreas Makris and Kevin Finisterre that permits root-level takeover of Unitree Go2, B2, G1 and H1 robots [1]. IEEE Spectrum reported on 25 September 2025 that UniPwn can automate lateral spread, with experts warning a compromised device could infect a fleet and form a large-scale botnet within minutes [1]. PC Gamer added in early October 2025 that proof-of-concept code had been released on GitHub and that the flaw leverages hardcoded keys, drastically lowering the barrier for attackers to chain takeovers [3]. Unitree later responded on LinkedIn claiming most vulnerabilities were resolved, but security experts criticized the delayed and opaque vendor response timeline [3].

Supply chains and scale: why the Unitree G1 stakes are rising

Even isolated telemetry or BLE issues would be consequential, but scale changes the math. Analysts told CNBC on 28 March 2025 that China leads the humanoid robot race and cited Unitree G1 adoption in factories as momentum toward broader deployment [4]. They estimated China controls about 70% of the relevant component supply chains, concentrating risk if design decisions embed insecure defaults or data pathways by default [4]. Bank of America’s forecast that yearly humanoid sales could reach one million units by 2030 underscores how quickly vulnerabilities could be amplified into economy-wide exposure if not addressed now [4]. In supply-chain terms, even a 1% failure rate at that scale could affect 10,000 robots in a single year [4].

Public-sector flashpoint: Taipei’s Unitree patrol robot row

Concerns aren’t confined to private industry. On 28 August 2025, Taipei’s city council faced backlash for purchasing a Unitree patrol robot, with opponents calling it a “Trojan horse” that might map sensitive areas and capture panoramic imagery useful to Chinese military planners [5]. Officials characterized the purchase as a trial, but opposition councillors and outside experts urged cancellation or alternatives in light of national security and export-control implications [5]. The incident shows how rapidly procurement decisions can become geopolitical flashpoints when data flows and remote control vectors are unclear or contested [5].

Compliance and procurement questions for Unitree G1 buyers

If a robot streams audio, video and sensor data to overseas servers within five seconds of power-on, an enterprise must immediately evaluate legal obligations under GDPR and CCPA, Security Boulevard’s reporting suggests [2]. Continuous exfiltration without explicit employee or bystander consent could contravene purpose limitation and notice requirements, particularly in workplaces, retail floors, hospitals, and logistics hubs where bystanders are routinely captured [2]. Beyond privacy law, firms should assess trade-compliance exposure if telemetry includes high-resolution mapping or panoramic imagery that could be treated as sensitive under national-security regimes, as argued in the Taipei debate [5]. For regulated industries, audit trails documenting device configuration, network egress, and consent capture would become essential artifacts for regulators and insurers [2][5].

What to watch next for the Unitree G1: patches, audits, and risk scoring

UniPwn’s timeline matters. Researchers disclosed on 20 September; IEEE Spectrum published on 25 September; PC Gamer noted a proof-of-concept in early October and a later LinkedIn statement from Unitree asserting fixes [1][3]. Security teams should treat G1 fleets as potentially exploitable until verification is complete: BLE interfaces, hardcoded keys, and root-access vectors are textbook pathways for wormable botnets, and experts say they can spread in minutes [1][3]. Meanwhile, the telemetry allegations demand independent audits: packet captures, destination IP verification, and network egress controls can test whether five-second auto-telemetry to Chinese endpoints occurs in real deployments [2]. For business continuity, procurement teams should quantify vendor lock-in risk given China’s 70% supply-chain control and the 2030 million-unit adoption trajectory [4].
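The audit steps above (packet captures, destination verification, egress controls) can be reduced to a small repeatable check. The script below is an added example, not code from the article, from the cited researchers or from Unitree: given the device's boot time and a list of outbound connection records, as one might export from a capture or a firewall log, it flags connections opened within the first seconds after boot, destinations outside an operator-approved egress allowlist, and rapid reconnects to the same destination after a drop. The record fields, the sample flows, the addresses (documentation ranges) and the allowlist are all constructed assumptions for illustration.

```python
"""Audit helper for a robot's early-boot network egress (added example).

Checks three things an operator would want evidence for:
  * outbound connections opened within a short window after boot,
  * destinations outside an approved egress allowlist,
  * reconnects to the same destination shortly after a flow ends
    (auto-reconnect behaviour).
Field names, sample records and the allowlist are constructed assumptions.
"""
from dataclasses import dataclass
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network
from typing import List, Optional


@dataclass(frozen=True)
class Flow:
    start: datetime           # when the outbound connection was opened
    end: Optional[datetime]   # when it closed; None if still open at export time
    dst_ip: str
    dst_port: int
    bytes_out: int


# Constructed sample: boot at BOOT, a flow to an unapproved host 4 s later that
# drops and reconnects 2 s after closing, plus a legitimate NTP flow to an
# allowlisted internal host.
BOOT = datetime(2025, 10, 1, 9, 0, 0)
SAMPLE_FLOWS = [
    Flow(BOOT + timedelta(seconds=4), BOOT + timedelta(seconds=90), "203.0.113.10", 443, 1_800_000),
    Flow(BOOT + timedelta(seconds=92), None, "203.0.113.10", 443, 4_500_000),
    Flow(BOOT + timedelta(seconds=30), BOOT + timedelta(seconds=31), "192.0.2.5", 123, 96),
]
# Operator-approved egress (constructed): an internal management/NTP subnet only.
ALLOWLIST = [ip_network("192.0.2.0/24")]


def early_boot_flows(flows: List[Flow], boot: datetime, window_s: int = 5) -> List[Flow]:
    """Flows opened within window_s seconds of boot."""
    limit = boot + timedelta(seconds=window_s)
    return [f for f in flows if boot <= f.start <= limit]


def unapproved_destinations(flows: List[Flow], allowlist) -> List[str]:
    """Distinct destination IPs that fall outside every allowlisted network."""
    bad = set()
    for f in flows:
        ip = ip_address(f.dst_ip)
        if not any(ip in net for net in allowlist):
            bad.add(f.dst_ip)
    return sorted(bad)


def reconnects(flows: List[Flow], max_gap_s: int = 10):
    """(dst_ip, dst_port) pairs reconnected within max_gap_s of a previous flow ending."""
    by_dst = {}
    for f in sorted(flows, key=lambda f: f.start):
        by_dst.setdefault((f.dst_ip, f.dst_port), []).append(f)
    found = []
    for key, seq in by_dst.items():
        for prev, nxt in zip(seq, seq[1:]):
            if prev.end is not None and (nxt.start - prev.end) <= timedelta(seconds=max_gap_s):
                found.append(key)
                break
    return found


def audit(flows: List[Flow], boot: datetime, allowlist) -> dict:
    """Summarise the three checks as evidence an operator can attach to a review."""
    return {
        "early_boot": [(f.dst_ip, f.dst_port) for f in early_boot_flows(flows, boot)],
        "unapproved": unapproved_destinations(flows, allowlist),
        "reconnects": reconnects(flows),
    }


if __name__ == "__main__":
    for name, finding in audit(SAMPLE_FLOWS, BOOT, ALLOWLIST).items():
        print(f"{name}: {finding}")
```

The allowlist check is the piece that turns a one-off capture into an egress control: the same networks fed to `unapproved_destinations` are what a firewall or VLAN policy would permit, so a non-empty result is both an audit finding and a rule to block. Boot-relative timing only holds if the capture starts before the device powers on, so capture on a mirror port or the upstream gateway rather than on the robot itself.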

Strategic implications if the allegations hold

If third-party validation confirms five-second startup telemetry to Chinese servers, Unitree G1 deployments could require immediate segmentation, offline modes, or suspension in sensitive environments while regulators evaluate cross-border data transfer implications [2]. Industrial operators might revisit deployment roadmaps and SLAs, shifting toward devices with proven local-processing modes and auditable, opt-in telemetry, particularly in EU and California jurisdictions attentive to GDPR/CCPA enforcement [2]. Public agencies would face higher evidentiary thresholds for procurement, echoing Taipei’s experience, where even a trial buy triggered legislative and national-security reviews before full-scale rollout [5]. Combined with a wormable exploit, any default “phone-home” behavior risks turning robots from productivity tools into fleet-sized reconnaissance assets in minutes, a scenario experts highlighted post-UniPwn [1][3].

Market outlook: balancing innovation and oversight

None of this negates the productivity rationale behind humanoids; analysts expect up to one million annual sales by 2030 as labor shortages persist and automation advances [4]. However, security fundamentals—no hardcoded keys, authenticated BLE, explicit consent flows, and user-controlled telemetry—must scale alongside units, or the cumulative risk grows nonlinearly with each added device [1][3]. The concentration of supply-chain control at roughly 70% in China magnifies any design missteps, turning an engineering shortcut into a global exposure once robots are deployed across factories, warehouses, and public spaces [4]. Transparent post-mortems and third-party pen tests should be standard release gates for any Unitree G1 update cycle going forward, given the stakes outlined by recent reporting [1][2][3][4].

Sources:

[1] IEEE Spectrum – Exploit Allows for Takeover of Fleets of Unitree Robots: https://spectrum.ieee.org/amp/unitree-robot-exploit-2674029717

[2] Security Boulevard – Humanoid Robots are Walking Trojan Horses — And They’re Already in the Workplace: https://securityboulevard.com/2025/10/humanoid-robots-are-walking-trojan-horses-and-theyre-already-in-the-workplace/

[3] PC Gamer – Horrible news: exploit found in humanoid robots capable of ‘creating a robot botnet’ over Bluetooth: https://www.pcgamer.com/hardware/horrible-news-exploit-found-in-humanoid-robots-capable-of-creating-a-robot-botnet-that-spreads-without-user-intervention-over-bluetooth/

[4] CNBC – China already ahead of U.S. in humanoid robot race, analysts say: https://www.cnbc.com/2025/03/28/china-already-ahead-of-us-in-humanoid-robot-race-analysts-say-.html

[5] The Guardian – Taipei City council in the dog house over Chinese-made patrol robot: https://www.theguardian.com/world/2025/aug/28/taipei-city-council-in-the-dog-house-over-chinese-made-patrol-robot
