Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds

Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds — Biz & IT - Ars Technica
Source: Biz & IT - Ars Technica

Security firm Sentinel One has a deeper dive into CVE-2025-20701. Heinze and Steinmetz said last year that the full chain of attacks gave attackers the ability to do other malicious things, including retrieving call history and contacts, and even calling arbitrary numbers.

Many of those capabilities are dependent on the specific devices being paired, since the functionality built into them differs from platform to platform. Devices affected by the Airoha vulnerabilities are by no means alone. In January, researchers disclosed WhisperPair, a series of vulnerabilities that allows an attacker to hijack Bluetooth devices connected through Google Fast Pair, a proprietary protocol belonging to the company.

Besides eavesdropping, attackers can exploit the WhisperPair flaws to geolocate devices. The vulnerabilities affect more than a dozen devices from 10 manufacturers, including Sony, Nothing, JBL, OnePlus, and Google itself. There are few, if any, reports of Bluetooth vulnerabilities like these being actively exploited in the wild.

apple, beats studio, cve-2025-20701, sentinel one, airoha, whisperpair, google fast, bluetooth eavesdropping, call history, geolocation