In the coming age of robotics, many of those autonomous machines will be Internet-connected and mobile. What could possibly go wrong?

Significant security flaws were found in an examination of six home and industrial robots, according to a report released last week by IOActive, a computer security consulting firm with its headquarters in Seattle. The report notes that only four of the six companies responded to the firm’s alert, and only two said they plan to make patches after being informed of the problems.

The researchers, who described the categories of vulnerabilities they had discovered in the report but not the specific flaws, said their research was simply an early reconnaissance of the field.

MBA BY THE BAY: See how an MBA could change your life with SFGATE's interactive directory of Bay Area programs.

“It’s important to note that our testing was not even a deep, extensive security audit, as that would have taken a much larger investment of time and resources,” the authors wrote. “The goal for this work was to gain a high-level sense of how insecure today’s robots are, which we accomplished.”

Despite the general nature of the report, industry specialists warn that if robot makers fail to take a security-first approach, it may haunt them.

“The desire for online commerce brought strong cryptographic algorithms into our daily lives,” said Joe Britt, CEO of Afero, a Los Altos maker of secure communications systems for the world of embedded computing. “As embedded systems for sensors and robotics flourish in the next wave of computing, failure to apply these proven safeguards is like leaving the locks off of our doors.”

The research underscores the potential security challenges that await the world of mobile robots.

Given the popularity of stationary home robotic systems like Amazon’s Echo and Google’s Home personal assistants, as well as dozens of other Internet-connected devices like doorbells, video cameras and even light bulbs, it appears that people are willing to trust that manufacturers are building adequate security into the products.

It is common for manufacturers that do not have good security practices to not know how to deal with vulnerability reports. Most of them probably do not have a procedure in place to handle reports nor to provide security fixes to customers.

Robots are widely used in manufacturing. But they are largely systems like robotic arms that do not have autonomous functions and cannot move around in the environment.

There is a growing consensus that during the next decade, advances in artificial intelligence will make it possible for robots to move freely in unstructured environments.

This will bring self-driving cars closer to reality and will also lead to a generation of machines that will operate autonomously in homes, offices and factories.

The authors of the new report challenged the robotics industry, saying that not enough attention is being given to well-known security issues that have proved devastating for commercial computer networks.

“We call it an Internet-of-things with arms and legs and wheels,” said Cesar Cerrudo, chief technology officer of IOActive. “The surface of attack is huge. Each robot has multiple ways it can be compromised.”

The researchers said that robot makers are rushing their products to market without giving adequate consideration to security.

“Vendors like to add features that please the public,” said Lucas Apa, a senior security consultant at IOActive and one of the authors of the report. “They forget about important issues. Robots can have microphones and cameras; they can walk and they can grab objects. People don’t realize the consequences of something that can grab an object or can hear or see you.”

The report identifies security flaws in a number of robots, including the NAO and Pepper home robots made by SoftBank Robotics; and manufacturing robots from Universal Robots and Rethink Robotics, two makers of robot arms that are intended to collaborate with human workers in assembly line applications.

It also identifies flaws in small humanoid robots made by UBTech Robotics and Robotis, and in robotics software developed by Asratec Corp.

The report identifies seven kinds of security issues, ranging from weak cryptographic systems and vulnerable default configurations to what security experts call authentication issues. In some cases, they noted that it is possible to control some robot functions without authentication.

“We found key robot services that didn’t require a user name and password, allowing anyone to remotely access those services,” the report said.

One of the robot manufacturers identified by the report disputed the findings. Two of the criticisms leveled by the researchers actually involved “features” added for research and education markets, according to Gil Haylon, a Rethink Robotics spokesman. He added that other vulnerabilities had been phased out in the latest software release for the company’s Baxter and Sawyer robots, which are intended for light assembly operations.

Universal Robots said it is looking into the issue raised by the researchers. The other companies did not immediately respond to requests for comment.

John Markoff is a New York Times writer.