Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds

TL;DR

Apple has issued a security patch for Beats Studio Buds to fix a high-severity vulnerability that could enable eavesdropping and access to call history. The flaw affects Bluetooth connectivity and has been confirmed by security researchers.

Apple has released a firmware update for Beats Studio Buds addressing a high-severity vulnerability that could allow malicious actors to eavesdrop on audio streams and access call data. The fix comes after security researchers identified a flaw in the Bluetooth communication protocol used by the earbuds, which could be exploited to intercept audio and retrieve sensitive information.

The vulnerability, identified as CVE-2025-20701, was discovered by security firm SentinelOne and is linked to a flaw in the Bluetooth handling of Beats Studio Buds. Exploiting this flaw could enable attackers within Bluetooth range to intercept audio streams, potentially allowing eavesdropping on conversations and retrieving call logs. Apple has confirmed the release of a firmware update that patches this issue, urging users to update their devices promptly.

According to SentinelOne, the flaw stems from a weakness in the Bluetooth protocol implementation that could be manipulated to perform man-in-the-middle attacks or passive eavesdropping. The vulnerability is classified as high severity due to its potential impact on user privacy and security. Apple has not reported any known exploits in the wild but recommends updating immediately to mitigate risks.

Why This Security Fix Matters for Users

This update is significant because it addresses a high-severity vulnerability that could compromise user privacy and security. Eavesdropping on audio streams and accessing call data could expose sensitive conversations and personal information. As wireless earbuds become increasingly integrated into daily life, vulnerabilities like this highlight the importance of timely security updates to protect consumers from potential malicious exploits.

Beats Studio Buds + | True Wireless Noise Cancelling Earbuds, Enhanced Apple & Android Compatibility, Built-in Microphone, Sweat Resistant Bluetooth Headphones, Spatial Audio - Black/Gold

Beats Studio Buds + | True Wireless Noise Cancelling Earbuds, Enhanced Apple & Android Compatibility, Built-in Microphone, Sweat Resistant Bluetooth Headphones, Spatial Audio – Black/Gold

BEATS’ CUSTOM ACOUSTIC PLATFORM delivers rich, immersive sound whether you’re listening to music or taking calls.

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Bluetooth Vulnerabilities and Industry-Wide Risks

This vulnerability is part of a broader set of Bluetooth security issues affecting multiple device manufacturers. Previously, researchers disclosed vulnerabilities affecting over a dozen devices from brands like Sony, Nothing, JBL, OnePlus, and Google, related to Bluetooth protocol weaknesses that could be exploited for eavesdropping and device geolocation. While active exploitation remains rare, these flaws demonstrate ongoing risks in wireless communication security, especially as Bluetooth devices become more prevalent and integrated into personal and professional environments.

“The flaw in the Bluetooth implementation of Beats Studio Buds could allow attackers within range to intercept audio streams and access call logs, posing serious privacy risks.”

— an anonymous researcher

Discreet Mini Invisible Earbuds Wireless Bluetooth Micro Hidden Sleep Tiny Small Earbuds for Sleeping Ear Buds for Small Ears Spy Earpiece Hidden Mini Invisible Headphones for Work

Discreet Mini Invisible Earbuds Wireless Bluetooth Micro Hidden Sleep Tiny Small Earbuds for Sleeping Ear Buds for Small Ears Spy Earpiece Hidden Mini Invisible Headphones for Work

Ultra-Compact : These mini earbuds are truly invisible in-ear headphones, weighing just 0.08 oz—so lightweight you’ll barely feel…

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Unresolved Aspects of the Bluetooth Vulnerability

It is not yet clear whether the vulnerability has been exploited in the wild or if other Bluetooth devices from different manufacturers share similar flaws. Details about the specific methods attackers could use remain limited, and the full scope of potential impacts is still being assessed by security researchers.

Groove Wireless Bluetooth Earbuds with Charging Case | Wireless Sports Earbuds | Running Ear Phones | Black Electronics

Groove Wireless Bluetooth Earbuds with Charging Case | Wireless Sports Earbuds | Running Ear Phones | Black Electronics

PLAYTIME THAT LASTS: Enjoy extended listening sessions with larger batteries that outlast other brands, ensuring your music or…

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Next Steps for Users and Industry Stakeholders

Apple has issued a firmware update for Beats Studio Buds, and users are advised to install it immediately. Industry-wide, security researchers continue to monitor Bluetooth protocols for similar vulnerabilities. Manufacturers are expected to review their Bluetooth implementations and improve security measures. Ongoing research and disclosure efforts aim to prevent future exploits and enhance wireless device security.

Single Left Ear Bud Replacement for Beats Studio Bud (NOT for Bud+) (Black)

Single Left Ear Bud Replacement for Beats Studio Bud (NOT for Bud+) (Black)

1. Perfect Replacement for Lost Beats Studio Buds: Don’t let a lost single earbud ruin your audio experience!…

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Key Questions

How do I know if my Beats Studio Buds are affected?

If your earbuds are running the latest firmware, they are protected against this specific vulnerability. Check your device settings or firmware version via the Beats app or your device’s Bluetooth settings.

How can I protect myself from potential Bluetooth eavesdropping?

Turn off Bluetooth on your device when not in use, especially in public or untrusted environments. Keep your device firmware updated regularly to ensure security patches are applied.

Apple typically releases security updates as needed. Users should monitor official channels for firmware updates and security advisories.

Are other Bluetooth devices at similar risk?

Many Bluetooth devices share similar vulnerabilities; ongoing research indicates that multiple manufacturers’ products could be affected. Users should apply updates and exercise caution when using Bluetooth in sensitive situations.

Source: Ars Technica


You May Also Like

Apple Wants Blacklisted Chinese RAM — And That Tells You How Bad The Squeeze Got

Apple is lobbying US authorities to buy Chinese-made RAM from CXMT, raising questions about supply shortages and national security concerns amid a memory crunch.

Scientists Propose Black Holes Don’t Exist, Are Something Much Stranger

A recent scientific paper challenges the existence of black holes, suggesting they may be something much stranger, like gravastars or other exotic objects.

China storage battery makers denied cybersecurity approval in Japan

Chinese battery manufacturers have not received cybersecurity clearance from Japan, delaying their connection to the Japanese power grid amid upcoming certification mandates.

Chinese fentanyl network suspected of crypto fraud via Japan base

Investigations link a Chinese fentanyl precursor exporter to large-scale cryptocurrency fraud operating from Japan, raising concerns over illicit activities.