Particle.news

Vendors Delay Firmware Patches for 29 Vulnerable Bluetooth Audio Models After CERT-In Alert

Attackers in Bluetooth range could hijack audio sessions or deploy wormable malware before manufacturers distribute security patches.

The agency said that multiple vulnerabilities have been reported in Airoha Bluetooth firmware.

Overview

  • India’s cybersecurity agency CERT-In issued a high-severity advisory on July 2 detailing multiple flaws in the Airoha Bluetooth firmware that powers popular audio devices.
  • German firm ERNW identified 29 at-risk models across ten brands, including Sony, Bose and JBL, but no product-specific patches have been released.
  • Airoha provided an SDK update with firmware fixes on June 4, yet individual manufacturers have not rolled out their updates as scheduled.
  • Security experts warn that successful exploitation requires proximity and advanced skills but could allow eavesdropping, call hijacking and malicious firmware spread.
  • The government also cautioned that prolonged, high-volume headphone use can lead to permanent hearing loss, tinnitus and other ear health issues.