
"Pudu Robotics is a Chinese robot manufacturer with over 100,000 units in over 1,000 cities doing everything from serving meals with the cat-like BellaBot, to using its mechanical-armed FlashBot to operate human-designed systems like elevators, as you can see below. According to analysts Frost and Sullivan, last year it captured 23 percent of the market for such kit, but a hacker has found that the backend software systems controlling them are vulnerable to abuse."
"White-hat hacker Bobdahacker, who exposed the free-food flaw in McDonald's ordering system earlier this month, has been digging into Pudu and found she could exploit the control software behind the robots because administrators hadn't locked down access. To do so, an attacker must have a valid auth token, which can be snaffled using a cross-site scripting intrusion, or someone could just set up an account to try before you buy a robot, she told The Register."
"With this level of access, an attacker could redirect food orders or shut down the entire fleet of restaurant robots in a DDoS food attack. Crims could also make FlashBot foul office systems up or steal intellectual property. Once she got past the initial authentication test, Bobdahacker found there were no extra security checks, enabling anyone to reset orders, move the robots to new locations, and rename them to make recovery that much harder."
Pudu Robotics operates over 100,000 service robots across more than 1,000 cities, including models like BellaBot and FlashBot, and held about 23% market share. A security researcher found that administrative access to the backend control systems was insufficiently secured, allowing authentication tokens to be obtained via cross-site scripting or account creation. Once authenticated, attackers faced no additional checks and could reset orders, move and rename robots, redirect deliveries, or shut down fleets, enabling DDoS-style disruptions and potential theft or misuse of connected systems. Initial attempts to notify the vendor did not produce a timely response.
Read at The Register