Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap
The security update fixes CVE-2025-20701, a vulnerability discovered by Dennis Heinze and Frieder Steinmetz of German cybersecurity firm ERNW. The ERNW findings are tracked as CVE-2025-20700, CVE-2025-20701 and CVE-2025-20702. Apple also released new 8B41 firmware for AirPods Pro 2 and AirPods Pro 3, but it doesn’t include the patch for CVE-2025-20701, as these use Apple’s proprietary audio silicon.
The Vulnerability
The vulnerability, tracked as CVE-2025-20701 (CVSS score: 8.8), refers to a case of incorrect authorization impacting the Airoha Bluetooth audio SDK that makes it possible to pair a Bluetooth audio device without user consent.
Details of the vulnerability first emerged in June 2025, when ERNW GmbH researchers Dennis Heinze and Frieder Steinmetz flagged it alongside two other flaws in Airoha SoCs (CVE-2025-20700 and CVE-2025-20702) at the TROOPERS security conference in Germany.
CVE-2025-20701 can be exploited when the Beats headphones aren’t paired and are actively looking for devices to pair with.
The CVE-2025-20701 vulnerability was discovered by researchers at a cybersecurity company, ERNW, and first reported back in June 2025, with further disclosure in December of the same year.
“An attacker within Bluetooth range may be able to listen through the microphone of a device which is not yet paired and actively seeking pair requests.” (Spokesperson)
Technical Details
CVEs:
From a technical standpoint, the vulnerability presents several concerns:
These capabilities allow for multiple attack scenarios.”
New Unpatchable Exploit Discovered in Apple’s A12 and A13 Chips
The disclosure comes as Paradigm Shift disclosed a novel iPhone SecureROM (aka BootROM) vulnerability impacting Apple’s A12 and A13 chips, in addition to a proof-of-concept (PoC) exploit codenamed usbliter8.
Risk & Exposure
Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users. Because Airoha chips are used in a wide range of audio products, the issue affected multiple devices, including Beats Studio Buds.
On the separate A12 and A13 SecureROM issue: “As these vulnerabilities reside in immutable code, affected users should be aware that migrating to newer hardware remains the most effective mitigation.” At a high level, the exploit works by leveraging a flaw in the USB controller built into Apple SoCs.
Apple has released Beats Firmware Update 1B211 to address a Bluetooth vulnerability affecting Beats Studio Buds that could allow a nearby attacker to listen through a device’s microphone before it has been paired.
Timeline
| Date | Event |
|------|-------|
| 2025 | Similar patches were released by Jabra in December 2025. |
| 2025 | Researchers disclosed flaws in Airoha system-on-a-chip (SoCs) devices at a security conference in Germany in 2025. |
| 2025 | The security update fixes CVE-2025-20701, a vulnerability discovered by Dennis Heinze and Frieder Steinmetz of German… |
| 2025 | The vulnerability is one of three critical Bluetooth flaws that ERNW disclosed in 2025 after analyzing firmware used … |
| 2025 | CVE-2025-20701, the flaw addressed by Apple, specifically involved a lack of pairing enforcement over Bluetooth Class… |
| 2021 | Apple Just Updated The Beats Studio Buds To Fix A Major Bluetooth Security Flaw Apple’s 2021 Beats Studio Buds wirele… |
Patching & Remediation
- Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited by nearby hackers to eavesdrop on users.
- The issue has been addressed in Beats Firmware Update 1B211.
- Similar patches were released by Jabra in December 2025.
- “On A12 and A13, USB DART is configured in bypass mode, allowing us to overwrite SRAM data freely.
- Apple has patched a Bluetooth flaw in Beats Studio Buds that could potentially turn your earbuds into a nearby wiretap.
- The firmware version should read 1B211 if the security update has been applied.
Analysis
This disclosure adds to a growing pattern of critical vulnerabilities affecting enterprise infrastructure.
Sources
- https://www.malwarebytes.com/blog/bugs/2026/06/apple-patches-beats-studio-buds-flaw-that-could-turn-earbuds-into-a-wiretap
- https://www.bgr.com/2197259/apple-updated-beats-studio-buds-to-fix-bluetooth-security-flaw/
- https://nvd.nist.gov/vuln/detail/CVE-2025-20701
- https://nvd.nist.gov/vuln/detail/CVE-2025-20700
- https://nvd.nist.gov/vuln/detail/CVE-2025-20702
- https://support.sap.com/en/my-support/knowledge-base/security-notes.html/CVE-2025-20701
- https://support.sap.com/en/my-support/knowledge-base/security-notes.html/CVE-2025-20700
- https://support.sap.com/en/my-support/knowledge-base/security-notes.html/CVE-2025-20702