Security researchers have discovered Bluetooth security flaws in a widely used chipset that could allow hackers to eavesdrop on private conversations or hijack wireless audio devices. These vulnerabilities affect more than two dozen products from major brands such as Bose, Sony, JBL, Marshall, and others—posing a serious privacy concern, particularly for high-profile individuals.
Bluetooth Security Flaws Affect Major Brands
The vulnerabilities were found in Bluetooth chipsets developed by Airoha, commonly integrated into True Wireless Stereo (TWS) earbuds and a variety of wireless audio devices. In total, 29 products across 10 different brands are affected, including headphones, speakers, earbuds, and wireless microphones.
The flaws were revealed by cybersecurity firm ERNW during the TROOPERS conference in Germany. The team identified three separate issues within Airoha’s system-on-chip (SoC) hardware, which were assigned the following CVEs:
- CVE-2025-20700: Missing authentication in GATT services (medium severity)
- CVE-2025-20701: Missing authentication for Bluetooth BR/EDR (medium severity)
- CVE-2025-20702: Flawed custom protocol offering critical capabilities (high severity)
Although exploiting these vulnerabilities requires close physical proximity and advanced technical skills, the potential outcomes are significant.
What Attackers Could Do with These Flaws
ERNW researchers developed a proof-of-concept exploit to demonstrate the risks. They were able to read what media was currently playing on the headphones. That may seem minor, but it opens the door to more invasive attacks.
An attacker could impersonate a Bluetooth audio device, hijack its connection to a smartphone, and issue Bluetooth Hands-Free Profile (HFP) commands. This could allow them to:
- Make or receive phone calls
- View contact lists and call history
- Eavesdrop on nearby conversations or sounds
- Trigger calls to arbitrary numbers
- Inject malicious firmware for broader exploitation
In some cases, attackers could rewrite the device firmware entirely, enabling remote code execution or even spreading the attack to other devices nearby.
Real-World Risk: Who Should Be Concerned?
Despite the serious possibilities, real-world attacks using these Bluetooth security flaws are unlikely to target the average person. They require physical proximity, technical sophistication, and devices with outdated firmware—making them most relevant for high-value targets such as politicians, journalists, activists, or professionals in sensitive industries.
The researchers emphasized that while the vulnerabilities are technically serious, executing such an attack in practice is highly complex and unlikely to be performed on a large scale.
Patches Are Coming—but Not Fast Enough
To address the issue, Airoha released an updated software development kit (SDK) with necessary fixes. Device manufacturers have begun integrating these updates and pushing out firmware patches.
However, German publication Heise reports that many affected devices still run firmware from before Airoha released its updated SDK. This means some users may still be vulnerable—without knowing it.
What You Can Do to Stay Safe
If you use Bluetooth audio gear from brands like Sony, Bose, JBL, or Marshall, check for firmware updates through the official app or support site. Apply them as soon as they’re available to ensure your device has the latest protections.
While most people don’t need to worry about being targeted, it’s always wise to stay informed. These Bluetooth security flaws are a reminder that even everyday tech can be a weak point if not regularly updated.
Conclusion
The discovery of these Bluetooth security flaws highlights how even trusted, everyday devices can become tools for intrusion when vulnerabilities go unpatched. While the likelihood of a large-scale attack remains low, the risks to privacy—especially for individuals in sensitive roles—are real.
As always, the best defense is awareness. Keep your devices updated, follow manufacturer announcements, and be mindful of your Bluetooth connections. In an increasingly connected world, even your headphones can be a potential entry point—so don’t let outdated software become your weak spot.

