Particle.news
Download on the App Store
5 ARTICLES
·
3w ago

Critical Bluetooth Chip Flaw Leaves Millions of Headphones Vulnerable

Most affected headphones remain vulnerable despite Airoha’s delivery of updated development kits to manufacturers.

Image
Image
Millionen Kopfhörer sind betroffen. Ihre Nutzer könnten durch eine Sicherheitslücke belauscht werden.
Können eure Kopfhörer genutzt werden, um euch abzuhören? (Bild: Shutterstock/Dean Drobot)

Overview

  • ERNW researchers discovered the Bluetooth chip flaw in March and revealed it publicly on June 26 after Airoha supplied patched SDKs on June 4.
  • The vulnerability lies in Airoha’s proprietary Bluetooth SoCs embedded in over 100 headphone models from Sony, JBL, Bose, Marshall and others.
  • Exploits allow nearby attackers to read data from chip memory, hijack calls or trigger voice assistants without pairing.
  • Airoha delivered updated development kits to manufacturers but no firmware patches have been issued to consumers as of June 27.
  • Apple’s AirPods are exempt from the flaw, and three CVE identifiers (CVE-2025-20700 through CVE-2025-20702) carry disputed severity ratings between ERNW and Airoha.