CNBC AI News, June 30 – A significant security flaw has been uncovered in a widely used Bluetooth chip, impacting over twenty popular audio devices. This vulnerability potentially allows hackers to eavesdrop on private conversations or steal sensitive data transmitted through affected devices.
Cybersecurity researchers have confirmed that 29 devices from prominent brands, including Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, JLab, EarisMax, MoerLabs, and Teufel, are susceptible. The affected products span a range of audio gear, from speakers and earbuds to headphones and wireless microphones.
The details of these vulnerabilities were revealed at the TROOPERS security conference in Germany by researchers from cybersecurity firm ERNW. They identified three distinct weaknesses within the Airoha system-on-chip (SoC).
The identified vulnerabilities are designated as CVE-2025-20700 (CVSS score 6.7, medium severity), CVE-2025-20701 (CVSS score 6.7, medium severity), and CVE-2025-20702 (CVSS score 7.5, high severity). Through a proof-of-concept demonstration, the researchers successfully extracted media information being played on targeted headphones.
The exploit potentially allows attackers to hijack the connection between a mobile device and a Bluetooth audio accessory. Notably, by leveraging the Bluetooth Hands-Free Profile (HFP), malicious actors could send commands to the connected phone.
However, carrying out these attacks in practice comes with considerable challenges. Success hinges on the attacker having advanced technical expertise and staying within Bluetooth range of the target. This suggests that such sophisticated attacks might be primarily targeted at high-value individuals or organizations.
In response, Airoha has already released an updated SDK that includes the necessary mitigation measures. Device manufacturers are now actively engaged in developing and distributing patches to address the security holes.
Original article, Author: Tobias. If you wish to reprint this article, please indicate the source: https://aicnbc.com/3622.html