All Topics
All Topics
Technology
Technology
Design
Design
Programming
Programming
Science
Science
News
News
Gaming
Gaming
Entertainment
Entertainment
Business
Business
Finance
Finance
Sports
Sports
Health
Health
Food
Food
Travel
Travel
Art
Art
Music
Music
Books
Books
Education
Education
Politics
Politics
Personal
Personal
Bluesky
Twitter
No algorithm. No AI slop. No ads. Just RSS. Pro-human. Indie writers. Real journalism. Open web. Chronological. Hand toasted.

Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds

By

Dan Goodin

1h ago· 2 min readenNews

Summary

Apple has patched a high-severity eavesdropping vulnerability (CVE-2025-20701) in Beats Studio Buds that could allow attackers to intercept audio. The vulnerability, disclosed 12 months ago, affects multiple manufacturers. Security firm Sentinel One provided deeper analysis. Researchers Heinze and Steinmetz noted the full attack chain could also enable retrieving call history, contacts, and calling arbitrary numbers, though capabilities depend on specific paired devices and platform functionality.

Source

bskyApple patches high-severity eavesdropping vulnerability in Beats Studio Budsarstechnica.com

Key quotes

· 3 pulled
Heinze and Steinmetz said last year that the full chain of attacks gave attackers the ability to do other malicious things, including retrieving call history and contacts, and even calling arbitrary numbers.
Many of those capabilities are dependent on the specific devices being paired, since the functionality built into them differs from platform to platform.
Devices affected by the Airoha vulnerabilities are by no means alone.
Snippet from the RSS feed
The vulnerability, disclosed 12 months ago, affects multiple manufacturers.

You might also wanna read

Three Bluetooth Chip Vulnerabilities Found in Airoha-Powered Headphones and Earbuds

Security researchers Dennis Heinze and Frieder Steinmetz discovered three vulnerabilities (CVE-2025-20700, CVE-2025-20701, CVE-2025-20702) i

media.ccc.de·5mo ago

Critical Bluetooth vulnerabilities in Creative Sound Blaster Katana V2X allow remote keystroke injection and spying

A security researcher reverse-engineered the firmware of a Creative Sound Blaster Katana V2X speaker and discovered critical Bluetooth proto

blog.nns.ee·13d ago

Critical Bluetooth vulnerabilities in Creative Sound Blaster Katana V2X allow remote keystroke injection and spying

A security researcher reverse-engineered the firmware of a Creative Sound Blaster Katana V2X speaker and discovered critical Bluetooth proto

blog.nns.ee·13d ago

Critical BLE Vulnerability Allows Root-Level Takeover of Unitree Robots

Security researchers disclosed a critical Bluetooth Low Energy (BLE) vulnerability in Unitree robots (Go2, B2, G1, H1) on 20 September. The

spectrum.ieee.org·8mo ago

Critical Vulnerability in Base44 AI Vibe Coding Platform Exposed by Wiz Research

Wiz Research uncovered a critical vulnerability in the AI-powered vibe coding platform Base44, recently acquired by Wix, which allowed unaut

wiz.io·10mo ago

Critical Vulnerabilities in BlueSDK Bluetooth Stack Enable Remote Hacking of Cars

Researchers at PCA Cyber Security discovered critical vulnerabilities in the BlueSDK Bluetooth stack that could be exploited to remotely hac

securityweek.com·11mo ago

Apple patches critical iOS zero-day vulnerability exploited in targeted attacks

Apple has patched a critical zero-day vulnerability (CVE-2026-20700) affecting every iOS version since 1.0, discovered by Google's Threat An

theregister.com·4mo ago