Wireless headphones are among the indispensable technological devices of daily life due to both ease of use and portability. However, a recent cybersecurity report shows that these devices can become a significant source of threats. An analysis conducted by a Germany-based cybersecurity firm revealed three critical software vulnerabilities in Bluetooth chips belonging to the Airoha brand.
A security vulnerability has emerged in wireless headphones
The report states that there are security vulnerabilities in the protocols used by the chips in question in both Bluetooth Low Energy (LE) and classic Bluetooth connections. These vulnerabilities allow attackers to access the memory directly from a distance of approximately 10 meters without making any pairing with the device.
This can cause the attacker to trick the device into introducing itself as a headset and take control of the device. Remote activation of the microphone and listening to the environment are also among these scenarios.
A software patch has been released by Airoha for the vulnerabilities, but it seems that headphone manufacturers have not yet integrated this patch into the devices. There are many popular products from leading brands among the models at risk of security.
According to the list, dozens of models from brands such as Beyerdynamic, Bose, Jabra, JBL, JLab, Marshall, MoerLabs, Sony and Teufel are affected. In particular, models from Sony’s WF and WH series, all of Marshall’s current headphone and speaker series, and Bose’s QuietComfort series are directly at risk.
Experts recommend that users with any of these models regularly check for software updates, follow the manufacturers’ statements, and keep their headphones completely closed when not in public. There is no concrete case shared as to whether the vulnerabilities are actively used by attackers, but the potential threat level is high.
{{user}} {{datetime}}
{{text}}