
Some of the most popular wireless earbuds on the market had a security flaw that let a nearby attacker secretly listen through the microphone. Brands affected include Beats, Sony, Bose, JBL, Marshall, and about six others, nearly 30 earbuds in total, because they all use the same Bluetooth chip made by a company called Airoha. Fixes have been rolling out since mid-2025, and Apple just shipped the last major patch, for Beats Studio Buds, in June 2026.
How the attack worked
The flaw (CVE-2025-20701), discovered by security firm ERNW, was in how Airoha's chip handled Bluetooth connections. It basically left a door open that was supposed to be locked, letting an attacker within Bluetooth range pair with your earbuds without you knowing and access the microphone.
The catch is that it only worked when your earbuds were unpaired and actively searching for a connection. That makes it a lot less scary than it sounds. If they were already connected to your phone, you were likely fine. So the actual risk window is pretty narrow. Someone would need to be physically nearby at the exact moment you were pairing your earbuds, which is not something most people do out in public all that often.
However, if you still want to lower that risk, I would recommend that you pair your earbuds at home when you can rather than in a crowded place. Turning Bluetooth off entirely in public is probably more than most people need to worry about.
What the fixes patched
Most brands had already shipped fixes before Apple got there. JBL updated the Live Buds 3 and Endurance Race 2 in July 2025. Bose fixed the QuietComfort Earbuds by January 2026. Sony shipped its updates in early 2026.
Apple's patch for Beats Studio Buds, firmware version 1B211, shipped in June 2026. It installs automatically when your buds are near your paired iPhone, but you should confirm it actually landed. Open Bluetooth settings on your iPhone, tap the info icon next to your Beats Studio Buds, and look for firmware version 1B211.
If you have earbuds from any of the other affected brands, you should open the manufacturer's companion app and check for a firmware update. The full list includes Beats, Sony, Bose, JBL, Marshall, Jabra, JLab, Beyerdynamic, and Teufel.