- Security researchers have found three medium-severity flaws in a Bluetooth SoC
- When chained, they can be used to listen to conversations, and more
- Fixes are under development, so stay on your guard
Security researchers discovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from several manufacturers.
The vulnerabilities, they say, can be used to eavesdrop on people’s conversations, steal call history and contact information, and perhaps even deploy malware on vulnerable devices.
However, exploiting the flaws for these purposes is quite difficult, so practical exploitation of the bugs remains rather questionable.
Difficult to pull off
ERNW security researchers have recently found three flaws in the Airoha system on a chip (SoC), apparently “widely used” in True Wireless Stereo (TWS) headphones.
The SoC is reportedly present in 29 devices from different manufacturers, including some high-profile names: Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, JLab, EarisMax, MoerLabs and Teufel. Speakers, earbuds, headphones and wireless microphones all seem to be affected.
The bugs are now tracked under these CVEs:
- CVE-2025-20700 (6.7/10): missing authentication for GATT services
- CVE-2025-20701 (6.7/10): missing authentication for Bluetooth BR/EDR
- CVE-2025-20702 (7.5/10): critical capabilities of a custom protocol
The researchers said that a threat actor with a fairly high technical skill set could, if within Bluetooth range, pull off an attack and hijack the connection between the phone and the Bluetooth device.
They could then issue various commands to the phone, including initiating or receiving calls, or retrieving the call history and phone contacts.
They could also “successfully listen to conversations or sounds within earshot,” they said. Finally, they said that it was possible to rewrite the firmware of the device and thus deploy different variants of malware.
But the attacks are difficult to carry out, which could mean that only advanced adversaries, such as state-sponsored threat actors, could try to abuse the flaws. In any case, Airoha has published an updated SDK with a set of mitigations, which manufacturers have now started to turn into patches.
Via BleepingComputer