I know very little about modern exploits (take this with a pinch of salt), but I imagine one could exploit the bots like so:

• software updates will need to be periodically installed to the dog. I really really doubt they wouldn't update the software after release, given how novel the bots are

• the software updates will be authenticated somehow, to ensure that "only" the software vendor is the author of an update.

• if an attacker can successfully impersonate the software vendor, they could load malware onto the robot through the existing update process. This would be similar to the attack that came through SolarWinds