Headline
Apple AirPods Bug Allows Eavesdropping
The vulnerability affects not only AirPods, but also AirPods Max, Powerbeats Pro, Beats Fit Pro, and all models of AirPods Pro.
Source: Hoor Aloraidh via Alamy Stock Photo
Apple released its latest firmware update for its AirPods products to address a vulnerability that could give a threat actor unauthorized access.
The vulnerability is tracked as CVE-2024-27867 and affects AirPods (second generation and later) and AirPods Pro (all models), as well as AirPods Max, Powerbeats Pro, and Beats Fit Pro.
“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones,” reported Apple in an advisory.
To fix for the issue, Apple said that an “authentication issue was addressed with improved state management” in AirPods firmware update 6A326, AirPods firmware update 6F8, and Beats firmware update 6F8. These firmware updates are automatically delivered to a user’s device while the headphones or AirPods are in Bluetooth range of an iPhone, iPad, or Mac.
Apple credited Jonas Dreßler for the discovery of the flaw as with well as reporting the bug to the company.
About the Author(s)
Related news
Apple Security Advisory 06-25-2024-1 - AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8 address a spoofing vulnerability.
Apple has released a firmware update for AirPods that could allow a malicious actor to gain access to the headphones in an unauthorized manner. Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro. "When your headphones are seeking a connection request to one of your previously