Find notable cyber news and cases, enriched with sources, timelines, and signals.
Home Watchlists Beta Browse News Feed Stats About Contact

Beats Studio Buds Bluetooth BR/EDR missing-authentication security flaw (multiple vulnerabilities)

Vulnerability
First reported
Last updated
Happening score
H score 16
1 unique sources, 1 articles

Summary

Hide ▲

Beats Studio Buds are affected by CVE-2025-20701, a missing-authentication flaw in Airoha system-on-a-chip (SoCs) and the Bluetooth BR/EDR radio that can let a nearby attacker listen through the microphone of an unpaired device. Apple shipped Beats Firmware Update 1B211 to patch the bug. Researchers also built a proof-of-concept exploit and said chaining it with CVE-2025-20700 and CVE-2025-20702 can expand control to calls and device memory.

Related Happenings

Coruna iOS exploit analysis ties updated Triangulation kernel exploit lineage

Technical Analysis
H score33 First: 26.03.2026 15:10 Last: 26.03.2026 15:10 Sources 1

About this happening: **Coruna** has been linked to an **updated** exploit lineage from **Operation Triangulation**, showing that a long-running iPhone attack framework continues to evolve and can stil...

Open Happening

Timeline

  1. 18.06.2026 15:23 2 articles · 2h ago

    Apple patches Beats Studio Buds Bluetooth flaw with Beats Firmware Update 1B211

    Mitigation Patch Update

    Apple released security updates for Beats Studio Buds to fix CVE-2025-20701 in Airoha system-on-a-chip (SoCs), a Bluetooth-range flaw that could let an attacker listen through the microphone of a device that is not yet paired and actively seeking pair requests. Beats Firmware Update 1B211 is automatically delivered to vulnerable headphones when they are paired and within Bluetooth range of the user's iPhone, iPad, or Mac.

    Show sources
    Open in new tab