Apple AirPods Bluetooth Vulnerability Lets Attackers Gain Access to Device

Apple has recently released critical firmware updates for its AirPods and Beats headphones to address a significant Bluetooth vulnerability.

The updates, identified as AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8, were rolled out on June 25, 2024.

This security flaw tracked as CVE-2024-27867, was discovered by security researcher Jonas Dreßler.

CVE-2024-27867 – Vulnerability Details

The vulnerability affects a wide range of Apple’s wireless audio devices, including AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

The issue arises when these headphones request a connection to one of their previously paired devices.

An attacker within Bluetooth range could spoof the intended source device and gain unauthorized access to the headphones.

Apple has described the flaw as an authentication issue addressed with improved state management.

This means that the devices now have enhanced mechanisms to verify the authenticity of the connection requests they receive, thereby preventing unauthorized access.

Impact and Mitigation

This vulnerability has a significant impact, as it could allow attackers to intercept audio streams, inject malicious audio, or even gain access to the device’s microphone.

This could lead to privacy breaches and unauthorized data collection.

To mitigate this risk, Apple has released the aforementioned firmware updates.

These updates are automatically delivered to the headphones when paired with and within Bluetooth range of an iPhone, iPad, or Mac.

Users must ensure their devices are updated to the latest firmware to protect against potential exploits.

Scan Your Business Email Inbox to Find Advanced Email Threats - Try AI-Powered Free Threat Scan

How to Check Your Firmware Version

Users can check the firmware version of their wireless headphones through the Bluetooth settings on their devices.

On an iPhone or iPad, navigate to Settings > Bluetooth; on a Mac, go to System Settings > Bluetooth.

Then, tap the info button next to the headphones to view the firmware version.

Apple has emphasized the importance of updating devices to the latest firmware to ensure security and optimal performance.

The company also reiterated its policy of not disclosing, discussing or confirming security issues until a thorough investigation has been conducted and patches are available.

Free Webinar! 3 Security Trends to Maximize MSP Growth -> Register For Free