Post

Critical Bluetooth Vulnerability: How Audio Devices Can Be Exploited to Spy on Users

Discover how a newly found Bluetooth vulnerability in popular audio devices can be exploited to spy on users and steal information. Learn about the affected devices and how to protect yourself.

Posted
By Tom Grant
3 min read
Critical Bluetooth Vulnerability: How Audio Devices Can Be Exploited to Spy on Users

TL;DR

  • Researchers identified Bluetooth vulnerabilities in popular audio devices that could be exploited to spy on users and steal data.
  • Devices from major brands like Sony, Bose, and JBL are affected.
  • Users are advised to keep their firmware updated and be cautious of unexpected connection drops.

Critical Bluetooth Vulnerability in Audio Devices

Researchers have uncovered significant vulnerabilities in 29 Bluetooth devices, including speakers, earbuds, headphones, and wireless microphones from reputable brands such as Sony, Bose, and JBL. These vulnerabilities could be exploited to spy on users and steal information from their devices 1.

Discovery and Impact

The vulnerabilities were discovered by researchers from ERNW (Enno Rey Netzwerke GmbH), a well-established independent IT security firm based in Heidelberg, Germany. During their investigation into headphones and earbuds, the researchers identified several vulnerabilities in devices that incorporate Airoha Systems on a Chip (SoCs). Airoha is a major supplier in the Bluetooth audio space, particularly in True Wireless Stereo (TWS) earbuds.

The researchers found three specific vulnerabilities that allow an attacker to interfere with the connection between a mobile phone and an audio Bluetooth device, enabling them to issue commands to the phone. Exploiting these vulnerabilities, the researchers could initiate calls and eavesdrop on conversations or sounds within earshot of the phone. The extent of what an attacker can do depends on the device’s capabilities. All major platforms support initiating and receiving calls, but under certain circumstances, an attacker could also retrieve call history and contacts.

Attack Limitations and Requirements

While these attack scenarios are serious, they require a skilled attacker within close range. Bluetooth vulnerabilities are inherently limited to short ranges due to the technology’s design for low-power, personal area networking. The typical effective range for most consumer Bluetooth devices is about 10 meters (33 feet) under ideal conditions, as signals weaken significantly with distance and physical obstacles.

To perform inconspicuous eavesdropping, the listening device must be turned on but not in active use. Since these devices can only handle one Bluetooth connection at a time, the legitimate connection would be dropped if an attacker connects, which the user would likely notice.

Vulnerable Bluetooth Devices

The following devices were confirmed to be vulnerable:

  • Beyerdynamic Amiron 300
  • Bose QuietComfort Earbuds
  • EarisMax Bluetooth Auracast Sender
  • Jabra Elite 8 Active
  • JBL Endurance Race 2
  • JBL Live Buds 3
  • Jlab Epic Air Sport ANC
  • Marshall ACTON III
  • Marshall MAJOR V
  • Marshall MINOR IV
  • Marshall MOTIF II
  • Marshall STANMORE III
  • Marshall WOBURN III
  • MoerLabs EchoBeatz
  • Sony CH-720N
  • Sony Link Buds S
  • Sony ULT Wear
  • Sony WF-1000XM3
  • Sony WF-1000XM4
  • Sony WF-1000XM5
  • Sony WF-C500
  • Sony WF-C510-GFP
  • Sony WH-1000XM4
  • Sony WH-1000XM5
  • Sony WH-1000XM6
  • Sony WH-CH520
  • Sony WH-XB910N
  • Sony WI-C100
  • Teufel Tatws2

If you own one of these devices, keep an eye out for firmware updates from the manufacturers. If you experience connection drops while using one of the above Bluetooth devices, restart the device—it should automatically reconnect to your phone or system.

Protecting Yourself from Bluetooth Vulnerabilities

To safeguard against these vulnerabilities, users should:

  • Keep Firmware Updated: Regularly check for and install firmware updates from the device manufacturers.
  • Be Cautious of Connection Drops: If your Bluetooth device suddenly disconnects, it could be a sign of a potential attack. Restart the device and ensure it reconnects securely.
  • Limit Bluetooth Usage: Turn off Bluetooth when not in use to minimize the risk of exploitation.

Additional Resources

For further insights, check:

Conclusion

The discovery of these Bluetooth vulnerabilities highlights the importance of regular security updates and user vigilance. As technology advances, so do the methods used by cybercriminals. Staying informed and proactive is crucial in protecting personal information and ensuring the security of connected devices.

References

  1. (2025). “Bluetooth vulnerability in audio devices can be exploited to spy on users”. Malwarebytes. Retrieved 2025-07-01. ↩︎

Cybersecurity & Data Protection, Vulnerabilities
bluetooth vulnerability cybersecurity
This post is licensed under CC BY 4.0 by the author.