A newly disclosed set of Bluetooth vulnerabilities in Airoha-powered audio gadgets may permit attackers to snoop on customers, hijack connections, and extract delicate info—all with out the sufferer’s data.
What Is the Bluetooth Headphone Vulnerability?
Safety researchers at ERNW revealed the issues, highlighting critical authentication points in each Bluetooth Basic and BLE (Bluetooth Low Vitality) companies utilized by Airoha System-on-Chip (SoC). Affected gadgets embody a number of the hottest headphones and earbuds available on the market, akin to these from Sony, Bose, JBL, Jabra, Marshall, Beyerdynamic, and others.
Whilst you doubtless have not heard of Airoha, as per the above record of headphone producers, you have undoubtedly used its {hardware} constructed into different merchandise.
ERNW
There are three essential points:
- CVE-2025-20700: Lacking Authentication for GATT Companies
- CVE-2025-20701: Lacking Authentication for Bluetooth BR/EDR
- CVE-2025-20702: Crucial Capabilities of a Customized Protocol
One of many flaws (CVE-2025-20702) has been rated near-critical (CVSS 9.6), making this a high-priority subject for producers and security-conscious customers alike.
Together, these vulnerabilities may permit an attacker to show Bluetooth headphones into eavesdropping gadgets, successfully using the headphones’ on-device microphones as recording gadgets. One assault methodology noticed the researchers redirect sound, permitting them to listen to the listener’s environment. A second assault exploited the connection between paired Bluetooth gadgets, issuing instructions to the paired gadget to make a secret name or extract information from the gadget.
Are Your Bluetooth Headphones at Danger?
Now, here is why you should not be too apprehensive about this Bluetooth vulnerability: the exploits require the attacker to be inside bodily proximity. As a consequence of how Bluetooth features—shut vary wi-fi connections—that is unlikely to be exploited at vital scale.
ERNW’s report identifies the next headphones as susceptible:
Model
Product Names
Beyerdynamic
Amiron 300
Bose
QuietComfort Earbuds
EarisMax
Bluetooth Auracast Sender
Jabra
Elite 8 Lively
JBL
Endurance Race 2, Reside Buds 3
Jlab
Epic Air Sport ANC
Marshall
ACTON III, MAJOR V, MINOR IV, MOTIF II, STANMORE III, WOBURN III
MoerLabs
EchoBeatz
Sony
CH-720N, Hyperlink Buds S, ULT Put on, WF-1000XM3, WF-1000XM4, WF-1000XM5, WF-C500, WF-C510-GFP, WH-1000XM4, WH-1000XM5, WH-1000XM6, WH-CH520, WH-XB910N, WI-C100
Teufel
Tatws2
However with Airoha chipsets powering hundreds of thousands of Bluetooth audio gadgets, there are probably hundreds of thousands of susceptible gadgets.
Tips on how to Maintain Your Bluetooth Headphones Secure
The largest security tip is to maintain an eye fixed out for any upcoming firmware updates in your Bluetooth headphones or earbuds. Airoha has already launched a repair for the vulnerabilities, however, as per ERNW’s report dated June 25, 2025, “we aren’t conscious of any fastened firmware launch.”
Headphone producers are doubtless constructing as much as releasing the bug repair, together with different fixes, as a part of a daily patch program, however the repair is incoming.
Till producers subject confirmed patches, customers of affected headphones ought to:
- Verify for firmware updates utilizing the official app
- Unpair and cease utilizing affected fashions in delicate environments
- Keep alert for safety advisories out of your headphone model
Whereas exploitation of this flaw requires technical experience and bodily proximity, the invention highlights the rising safety implications of client electronics. With headphones now appearing as gateways for digital assistants, calls, and music, a flaw like this may grow to be a critical privateness menace.
