Story · arstechnica + bluesky + websearch · 21 events
Apple Patches Beats Studio Buds Eavesdropping Flaw
Apple updated Beats Studio Buds to patch high-severity CVE-2025-20701 (CVSS 8.8) vulnerability that let nearby hackers eavesdrop on conversations
A...
Apple Patches Beats Studio Buds Eavesdropping Flaw
Apple updated Beats Studio Buds to patch high-severity CVE-2025-20701 (CVSS 8.8) vulnerability that let nearby hackers eavesdrop on conversations
Attackers within Bluetooth range could pair without user consent,
Apple fixes Beats Studio Buds flaw that let hackers spy on ...
Apple fixes Beats Studio Buds flaw that let hackers spy on ...
A high-severity vulnerability (CVE-2025-20701) was discovered in the Beats Studio Buds wireless earbuds that could allow attackers within Bluetooth range to listen to users' conversations without pairing. The flaw stems from missing authentication in the Bluetooth BR/EDR radio of the Airoha SoC used in the earbuds. Apple released a firmware update (1B211) that automatically patches this issue when the earbuds connect to an iPhone, iPad, or Mac. The vulnerability can be exploited to eavesdrop, read call history and contacts, and issue commands via Bluetooth Hands-Free Profile when chained with related vulnerabilities. Exploitation requires technical skill and physical proximity, likely limiting attacks to high-value targets.
The vulnerability CVE-2025-20701 affects the Beats Studio Buds wireless earbuds using the Airoha system-on-a-chip. It arises from a missing authentication mechanism in the Bluetooth BR/EDR radio, allowing attackers within Bluetooth range to listen through the device's microphone without pairing. Researchers demonstrated that chaining this flaw with CVE-2025-20700 and CVE-2025-20702 enables attacker…
Beats Studio Buds: Apple patched CVE-2025-20701, a nearby spy flaw via incorrect Bluetooth audio authorization. Update firmware now and recheck pairing settings. #Cybersecurity #Vulnerability #InfoSec...
Beats Studio Buds: Apple patched CVE-2025-20701, a nearby spy flaw via incorrect Bluetooth audio authorization. Update firmware now and recheck pairing settings. #Cybersecurity #Vulnerability #InfoSec
Source: https://thehackernews.com/2026/06/apple-patches-beats-studio-buds-flaw.html
Apple patched a high-severity eavesdropping vulnerability affecting Beats Studio Buds.
https://ttek2.com/topics/apple
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.
Via Ars Technica
Apple Patches Beats Studio Buds Flaw That Could Enable Wiretapping
->TechRepublic | More on "Beats earbuds Bluetooth wiretapping vulnerability" at BigEarthData.ai
Apple patched a high-severity eavesdropping vulnerability in Beats Studio Buds.
https://ttek2.com/topics/apple
Apple Fixes Critical Beats Studio Buds Bluetooth Flaw That Enables Covert Eavesdropping
https://www.europesays.com/ie/546726/
Apple has released a security update for its Beats Studio Buds after res...
Apple Fixes Critical Beats Studio Buds Bluetooth Flaw That Enables Covert Eavesdropping
https://www.europesays.com/ie/546726/
Apple has released a security update for its Beats Studio Buds after researchers uncovered a serious Bluetooth vulnerability…
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds arstechnica.com/apple/2026/0... #Tech #Technology #Apple #Beats
Apple patched a high-severity eavesdropping vulnerability in Beats Studio Buds.
https://ttek2.com/topics/apple
Apple patched a high-severity eavesdropping vulnerability tied to Beats Studio Buds.
https://ttek2.com/topics/apple
Apple has patched a high-severity eavesdropping vulnerability (CVE-2025-20701) in Beats Studio Buds, allowing nearby hackers to impersonate paired devices and eavesdrop on conversations. The vulnerabi...
Apple has patched a high-severity eavesdropping vulnerability (CVE-2025-20701) in Beats Studio Buds, allowing nearby hackers to impersonate paired devices and eavesdrop on conversations. The vulnerability stemmed from improper authentication in Bluetooth firmware.
Apple Patches High-Severity Bluetooth Vulnerability in Beats ...
Apple Patches High-Severity Bluetooth Vulnerability in Beats ...
Immediate Enterprise Concern
Employees using vulnerable Beats Studio Buds may be susceptible to eavesdropping or unauthorized command execution if they are within Bluetooth range of an attacker.
Apple has issued a security update to address a high-severity vulnerability affecting Beats Studio Buds wireless earbuds. The flaw, identified as CVE-2025-20701, allows an attacker within Bluetooth range to listen through the microphone of a device that is not yet paired but is actively seeking pair requests. Apple noted that this vulnerability exists in open-source code used within the Airoha system-on-a-chip (SoC) and affects Apple software. The vulnerability was discovered by Dennis Heinze and Frieder Steinmetz of ERNW GmbH and disclosed one year ago at the TROOPERS security conference in Germany. It stems from a missing authentication weakness in the Bluetooth BR/EDR radio.
The researchers demonstrated that by chaining CVE-2025-20701 with two additional vulnerabilities, CVE-2025-20700 and CVE-2025-20702, attackers can hijack the connection between a phone and a paired Bluetooth audio device. This allows the use of the …
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploite...
Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.
The vulnerability, tracked as …
#apple #hackernews #news
Apple patches eavesdropping vulnerability in Beats Studio Buds
Apple patches eavesdropping vulnerability in Beats Studio Buds
Text
settings
Story text
Size
Small
Standard
Large
Width
*
Standard
Wide
Links
Standard
Orange
* Subscribers only
Learn more
Minimize to nav
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.
The vulnerability,
CVE-2025-20701
, allowed improper authentication in the firmware running on the Bluetooth-related chips, enabling people within signal range to impersonate devices that had previously been paired with the earbuds. The researchers demonstrated this in a series of end-to-end attacks that allowed them to eavesdrop on conversations or sounds within earshot of the phone microphone.
Apple joins the patch party
“Impact: An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests,” Apple said in a Tuesday security
advisory
. The fix is contained in Beats Firmware Update 1B211, which is delivered automatically while headphones are paired with and within Bluetooth range of a user’s iPhone, iPad, or Mac. Users can che…
Apple patched a high-severity eavesdropping vulnerability affecting Beats Studio Buds.
https://ttek2.com/topics/apple
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Apple patched a high-severity eavesdropping vulnerability in Beats Studio Buds, according to Ars.
https://ttek2.com/topics/apple
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.
Apple fixes Beats Studio Buds flaw that let hackers ... - BleepingComputer
Apple fixes Beats Studio Buds flaw that let hackers ... - BleepingComputer
Apple fixes Beats Studio Buds flaw that let hackers spy on conversations
By
Sergiu Gatlan
June 18, 2026
08:23 AM
0
Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations.
"An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests," Apple explained in a
Tuesday advisory
.
"This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party."
Apple patched the vulnerability in Beats Firmware Update 1B211, which will be automatically delivered to vulnerable headphones when they are paired and within Bluetooth range of the user's iPhone, iPad, or Mac.
You can check whether the firmware has been applied from the Bluetooth settings on your device by tapping the info button next to the headphones.
The security flaw (
CVE-2025-20701
) was discovered by Dennis Heinze and Frieder Steinmetz of ERNW GmbH in the Airoha system-o…
📰 **Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds**
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.
📰 Source: Ars Technica
🔗 Link […]
[Or...
📰 **Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds**
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.
📰 Source: Ars Technica
🔗 Link […]
[Original post on igeek.gamer-geek-news.com]
Corroboration
No verdict, no pronouncement. The model extracts atomic factual claims with verbatim quotes; every quote is validated against the source text and corroboration is computed by counting how many editorially-opposed blocs assert each fact. 12 fabricated/unverifiable quotes were rejected by the cite-or-die gate.
The spine · 9 facts corroborated across ≥2 opposed blocs
2×cross-perspective · 2Apple patched a high-severity vulnerability in Beats Studio Buds wireless earbuds.
othertech
arstechnica“Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds”
bluesky“Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds”
arstechnica.com“Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.”
bleepingcomputer.com“Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations.”
radar.offseq.com“Apple has released security updates to patch a high-severity flaw affecting the Beats Studio Buds wireless earbuds that could allow attackers in Bluetooth range to spy on users' conversations.”
qpulse.quasarcybertech.com“Apple has issued a security update to address a high-severity vulnerability affecting Beats Studio Buds wireless earbuds.”
2×cross-perspective · 2The vulnerability was disclosed one year ago at the TROOPERS security conference in Germany.
othertech
qpulse.quasarcybertech.com“The vulnerability was discovered by Dennis Heinze and Frieder Steinmetz of ERNW GmbH and disclosed one year ago at the TROOPERS security conference in Germany.”
arstechnica“The vulnerability, disclosed 12 months ago, affects multiple manufacturers.”
bluesky“The vulnerability, disclosed 12 months ago, affects multiple manufacturers.”
1×broadly confirmedThe vulnerability is identified as CVE-2025-20701.
other
bleepingcomputer.com“The security flaw (
CVE-2025-20701
) was discovered by Dennis Heinze and Frieder Steinmetz of ERNW Gmb”
radar.offseq.com“The vulnerability CVE-2025-20701 affects the Beats Studio Buds wireless earbuds using the Airoha system-on-a-chip.”
qpulse.quasarcybertech.com“The flaw, identified as CVE-2025-20701, allows an attacker within Bluetooth range to listen through the microphone of a device that is not yet paired but is actively seeking pair requests.”
1×broadly confirmedThe vulnerability arises from a missing authentication mechanism in the Bluetooth BR/EDR radio of the Airoha system-on-a-chip used in the Beats Studio Buds.
other
radar.offseq.com“The vulnerability CVE-2025-20701 affects the Beats Studio Buds wireless earbuds using the Airoha system-on-a-chip. It arises from a missing authentication mechanism in the Bluetooth BR/EDR radio, allowing attackers within Bluetooth range to listen through the device's microphone without pairing.”
qpulse.quasarcybertech.com“Apple noted that this vulnerability exists in open-source code used within the Airoha system-on-a-chip (SoC) and affects Apple software. The vulnerability was discovered by Dennis Heinze and Frieder Steinmetz of ERNW GmbH and disclosed one year ago at the TROOPERS security conference in Germany. It stems from a missing authentication weakness in the Bluetooth BR/EDR radio.”
1×broadly confirmedApple released Beats Firmware Update 1B211 to patch the vulnerability.
other
arstechnica.com“The fix is contained in Beats Firmware Update 1B211, which is delivered automatically while headphones are paired with and within Bluetooth range of a user’s”
bleepingcomputer.com“Apple patched the vulnerability in Beats Firmware Update 1B211, which will be automatically delivered to vulnerable headphones when they are paired and within Bluetooth range of the user's iPhone, iPad, or Mac.”
qpulse.quasarcybertech.com“Apple has issued a security update to address a high-severity vulnerability affecting Beats Studio Buds wireless earbuds.”
1×broadly confirmedThe firmware update is delivered automatically when the Beats Studio Buds are paired and within Bluetooth range of an iPhone, iPad, or Mac.
other
arstechnica.com“The fix is contained in Beats Firmware Update 1B211, which is delivered automatically while headphones are paired with and within Bluetooth range of a user’s”
bleepingcomputer.com“Apple patched the vulnerability in Beats Firmware Update 1B211, which will be automatically delivered to vulnerable headphones when they are paired and within Bluetooth range of the user's iPhone, iPad, or Mac.”
1×broadly confirmedThe vulnerability affects multiple manufacturers.
tech
arstechnica“The vulnerability, disclosed 12 months ago, affects multiple manufacturers.”
bluesky“The vulnerability, disclosed 12 months ago, affects multiple manufacturers.”
1×broadly confirmedThe vulnerability can be chained with CVE-2025-20700 and CVE-2025-20702 to enable additional attacks including hijacking Bluetooth connections, issuing commands via the Hands-Free Profile, accessing device memory, retrieving call history and contacts, and placing arbitrary calls.
other
radar.offseq.com“Researchers demonstrated that chaining this flaw with CVE-2025-20700 and CVE-2025-20702 enables attackers to hijack the Bluetooth connection, issue commands via the Hands-Free Profile, access device memory, retrieve call history and contacts, and place arbitrary calls.”
qpulse.quasarcybertech.com“The researchers demonstrated that by chaining CVE-2025-20701 with two additional vulnerabilities, CVE-2025-20700 and CVE-2025-20702, attackers can hijack the connection between a phone and a paired Bluetooth audio d”
1×broadly confirmedApple stated that the vulnerability exists in open-source code and Apple Software is among the affected projects.
other
bleepingcomputer.com“This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party.”
qpulse.quasarcybertech.com“Apple noted that this vulnerability exists in open-source code used within the Airoha system-on-a-chip (SoC) and affects Apple software.”
Single-source · 2 — reported by one bloc only (uncorroborated)
The vulnerability allows attackers within Bluetooth range to eavesdrop on conversations through the microphone of the Beats Studio Buds without pairing.
qpulse.quasarcybertech.com
The vulnerability was discovered by Dennis Heinze and Frieder Steinmetz of ERNW GmbH.
qpulse.quasarcybertech.com
Framing · 4 — loaded language surfaced (spin shown, not adopted)
arstechnica.com
“exploited by nearby hackers to eavesdrop on users”
→ allow attackers within Bluetooth range to eavesdrop
bleepingcomputer.com
“spy on users' conversations”
→ eavesdrop on conversations
qpulse.quasarcybertech.com
“Immediate Enterprise Concern”
→ Employees using vulnerable Beats Studio Buds may be susceptible to eavesdropping
bleepingcomputer.com
“This is a vulnerability in open source code and Apple Software is among the affected projects. The CVE-ID was assigned by a third party.”
→ The vulnerability exists in open-source code used in Apple products, and the CVE was assigned by a third party