Still in the testing and analysis phase, the premium AMR1 already exhibits several significant issues that have yet to be publicly disclosed. A recurring example involves the well-known vulnerabilities associated with ROS 1, the widely used middleware for communication, interconnection, and operation of robotic platforms.
The CAI-driven exercise included detecting the ROS network and the communications between devices over what are known as topics, taking advantage of the lack of authentication on access and of code injection. The exercise was successful: publishing nodes and code from a connected but unauthorized endpoint caused the robot to emit an audible message, demonstrating the severity of the vulnerability in ROS and compromising the availability of the assets.
The images show the operation of CAI (Cybersecurity AI), which identifies the master node within the ROS network and connects to it without requiring authentication. Once inside, CAI, using the alias0 model, generates the appropriate Python code to launch a node, publish to existing topics, and interact with services. With this level of control, CAI is able to trigger the premium AMR1 to emit an English emergency sound, executed from the attacker’s machine.
CAI represents the first open-source framework specifically designed to democratize advanced security testing through specialized AI agents. By 2028, most cybersecurity actions will be autonomous, with humans teleoperating, making CAI's approach to AI-powered vulnerability discovery increasingly critical for organizational security. The framework transcends theoretical benchmarks by enabling practical security outcomes. CAI achieved first place among AI teams and secured a top-20 position worldwide in the "AI vs Human" CTF live Challenge, earning a monetary reward, and has collected various other prizes and bounties since then. This performance demonstrates that AI-powered security testing can compete with and often exceed human capabilities in vulnerability discovery.
Premium AMR1 is a state-of-the-art autonomous mobile robot designed to optimize logistics and material handling in industrial environments. Its compact, agile design allows it to navigate complex warehouse layouts and confined spaces effectively. Premium AMR1 stands out for its advanced capabilities compared to lower-performing alternatives.
21
3.56 €
Evaluate whether a remote agent could connect to the robot’s ROS master, identify critical topics, and influence its behaviour without authentication—exposing potential weaknesses in ROS 1’s access control and topic-level protections.
Using CAI, Alias Robotics simulated a real-world attack against the premium AMR1 by exploiting ROS 1’s lack of authentication. CAI detected the ROS master, connected without credentials, and injected Python code to control topics and services. The robot’s behavior was altered remotely, confirming the severity of the vulnerability.
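A defender-side check for the condition described above, as an added example that is not Alias Robotics' or CAI's code: given a snapshot of the ROS 1 graph in the shape the Master API returns from `getSystemState` and `lookupNode`, it flags every node registered from a host outside an allowlisted subnet and lists what that node publishes, subscribes to or provides. All node names, topics, addresses and the subnet are constructed for illustration.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed sample data, not captured from the robot. SYSTEM_STATE follows the
# [publishers, subscribers, services] layout of the ROS 1 Master API call
# getSystemState; NODE_URIS holds the XML-RPC URI that lookupNode reports per node.
SYSTEM_STATE = [
    [["/cmd_vel", ["/move_base"]],
     ["/sound/play", ["/hmi", "/injected_node"]]],   # publishers per topic
    [["/cmd_vel", ["/base_driver"]],
     ["/sound/play", ["/sound_driver"]]],            # subscribers per topic
    [["/dock", ["/docking", "/injected_node"]]],     # providers per service
]
NODE_URIS = {
    "/move_base": "http://10.0.0.10:41001/",
    "/hmi": "http://10.0.0.10:41002/",
    "/base_driver": "http://10.0.0.11:41003/",
    "/sound_driver": "http://10.0.0.11:41004/",
    "/docking": "http://10.0.0.12:41005/",
    "/injected_node": "http://192.168.1.77:39999/",
}
# Hypothetical robot-internal subnet; replace with the fleet's real allowlist.
ALLOWED_NETS = [ipaddress.ip_network("10.0.0.0/28")]

def host_is_allowed(uri, allowed_nets):
    """True only if the URI's host is a literal IP inside an allowed network."""
    host = urlparse(uri).hostname
    try:
        addr = ipaddress.ip_address(host)
    except (ValueError, TypeError):
        return False  # hostname or malformed URI: cannot be verified, so flag it
    return any(addr in net for net in allowed_nets)

def audit_graph(system_state, node_uris, allowed_nets):
    """Return {node: {uri, publishes, subscribes, provides}} for unexpected nodes."""
    findings = {}
    for role, entries in zip(("publishes", "subscribes", "provides"), system_state):
        for name, nodes in entries:
            for node in nodes:
                uri = node_uris.get(node)  # None means the master had no URI for it
                if uri is not None and host_is_allowed(uri, allowed_nets):
                    continue
                entry = findings.setdefault(node, {"uri": uri, "publishes": [],
                                                   "subscribes": [], "provides": []})
                entry[role].append(name)
    return findings

if __name__ == "__main__":
    for node, info in audit_graph(SYSTEM_STATE, NODE_URIS, ALLOWED_NETS).items():
        print(node, info)
```

Because the ROS 1 master accepts registrations without authentication, a check like this only detects an unexpected endpoint after it has registered; restricting who can reach the master at the network layer remains the preventive control.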