NEWS Pudu Robotics robots deliver food, but can also pose a threat. Hacker gained control over an army of AI assistants worldwide

ExcalibuR

Legend
LEGEND
PREMIUM
MEMBER
Joined
Jan 17, 2025
Messages
4,031
Reaction score
7,804
Deposit
11,800$
A hacker needed just one token to control an army of Pudu robots across the globe.

Pudu Robotics, the world's largest manufacturer of commercial service robots, faced a critical security problem. An independent researcher discovered that nearly all APIs for controlling their equipment lacked proper access control checks. This meant that anyone who obtained a token could remotely control Pudu robots worldwide—from restaurant BellaBot and KettyBot models to disinfection machines in hospitals and office FlashBot units with manipulator arms and elevator system integration.

The identified vulnerabilities opened up a full range of capabilities: viewing and modifying order history, updating configurations, issuing movement commands, canceling tasks, and even globally enumerating robots by establishment IDs. Essentially, control could be seized over hundreds of thousands of devices operating daily in restaurants, hotels, medical facilities, offices, and educational institutions. The potential abuse scenarios were alarming. In a restaurant: chaotic operation of waiter robots, order blocking during peak hours, or turning them into endless "DJs" blaring music. In an office: seizing documents using a FlashBot and transporting them out via the elevator. In hospitals: altering medication delivery and disinfection routes. Finally, attackers could launch a ransomware attack, displaying a QR code for cryptocurrency payment on the built-in screens.
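The root cause described above is missing object-level authorization: the API verified that a token was valid but never that the token's owner was allowed to act on the requested robot. The following is an added illustration, not Pudu's code; robot, establishment and token identifiers are constructed, and the "vulnerable" handler is shown only to contrast it with the fixed one.

```python
"""Object-level authorization for a robot-control API (constructed model)."""

# Constructed sample data: robots belong to establishments and each API token
# belongs to one establishment's account. Identifiers are made up.
ROBOTS = {
    "robot-001": {"establishment": "est-A", "type": "BellaBot"},
    "robot-002": {"establishment": "est-B", "type": "FlashBot"},
}
TOKENS = {"tok-A": "est-A", "tok-B": "est-B"}


class Forbidden(Exception):
    pass


def authenticate(token):
    """Authentication only: answers 'who is calling?', not 'may they act?'."""
    if token not in TOKENS:
        raise Forbidden("invalid token")
    return TOKENS[token]


def send_command_vulnerable(token, robot_id, command):
    """Pattern the article describes: any valid token drives any robot."""
    authenticate(token)  # no check that the caller's tenant owns robot_id
    return f"{robot_id}:{command}"


def send_command_fixed(token, robot_id, command):
    """Object-level check binds the caller's establishment to the robot."""
    caller = authenticate(token)
    robot = ROBOTS.get(robot_id)
    # Same error for 'unknown' and 'not yours', so IDs cannot be probed.
    if robot is None or robot["establishment"] != caller:
        raise Forbidden("no such robot")
    return f"{robot_id}:{command}"


def list_robots_fixed(token, establishment_id):
    """Listing by establishment ID is scoped to the caller's own tenant."""
    caller = authenticate(token)
    if establishment_id != caller:
        raise Forbidden("no such establishment")
    return sorted(r for r, v in ROBOTS.items() if v["establishment"] == caller)


def allowed(fn, *args):
    """True if the call is authorised, False if the handler refuses it."""
    try:
        fn(*args)
        return True
    except Forbidden:
        return False
```

In a real deployment the ownership check belongs in one shared authorization layer applied to every robot-facing endpoint, and refusals on foreign robot or establishment IDs are worth logging as they are the signal of exactly the enumeration the article describes.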

Despite the severity of the situation, the researcher's attempts to contact the Pudu Robotics sales team, support, and technical specialists went unanswered. Even an email blast to over 50 employees elicited no response. It was only after the specialist warned some of the company's largest clients that Pudu Robotics reacted within two days. Their response resembled a template email with an unremoved placeholder ("[Your Email Address]"), but the company promised to fix the issue as soon as possible. Indeed, within 48 hours, the vulnerabilities were patched.

Since Pudu's products are used not only in the food service industry but also in medicine and hospitality, the delayed response could have had serious consequences for patients, guests, and staff. Initially, the researcher accused the company of intentionally ignoring the reports to protect its reputation and revenue. However, the situation became clearer after a subsequent video call meeting. Pudu Robotics claims the initial emails simply never reached them, and once the information became available through other channels, the team immediately began working on fixes. This is why they were only able to contact the researcher once the updates were ready for deployment.

The company has promised to establish a dedicated security incident response center (PUDU Security Response Center), allocate a specific email address for receiving reports, and set up a more transparent process for interacting with researchers. The parties are discussing the possibility of further cooperation in the field of security.

The situation with Pudu Robotics clearly demonstrated that vulnerabilities in commercial service robots are no less critical than those in traditional IT systems, as people's health and comfort directly depend on their uninterrupted operation.