● LIVE
Updated 13h ago
· 16 sources tracked
Apple fixes a Beats Studio Buds flaw that could let hackers listen to conversations
Apple released a firmware update to fix a vulnerability that allowed nearby attackers to spy on users via the microphone. The flaw stemmed from incorrect authorization in the Airoha Bluetooth audio SDK. This issue affected 30 different products across multiple manufacturers.
What changed
Apple issued Beats Firmware Update 1B211 to resolve a year-old security vulnerability.
Live updates
-
Apple Patches High-Severity Eavesdropping Flaw in Beats Studio Buds
confidence 100%Apple released a firmware update to fix a vulnerability that allowed nearby attackers to spy on users via the microphone. The flaw stemmed from incorrect authorization in the Airoha Bluetooth audio SDK. This issue affected 30 different products across multiple manufacturers.
What's confirmed:
- Apple released Beats Firmware Update 1B211 to fix a high-severity vulnerability in Beats Studio Buds.
- The flaw, tracked as CVE-2025-20701 with a CVSS score of 8.8, allowed nearby attackers to eavesdrop via the microphone.
- The vulnerability resulted from incorrect authorization in the Airoha Bluetooth audio SDK, enabling pairing without user consent.
- The security flaw affected 30 different products from multiple manufacturers.
- Exploitation of the bug could lead to remote escalation of privilege without user interaction.
- The vulnerability was disclosed 12 months ago.
Still unconfirmed:
- The flaw could allow hackers to discover call histories.
- The update will be deployed the next time users connect their headphones.