Summary
A newly discovered set of Bluetooth security flaws could expose millions of wireless headphones and earbuds to eavesdropping, connection hijacking, and data theft — all without the user’s knowledge.
Security researchers from ERNW have identified critical vulnerabilities in devices powered by Airoha Bluetooth chips, which are widely used in high-profile audio brands like Sony, Bose, Jabra, JBL, Marshall, and more.
Although you may not recognize the name Airoha, chances are you’ve used its technology in your wireless headphones.
What Is the Bluetooth Headphone Vulnerability?
The security flaws affect both Bluetooth Classic and Bluetooth Low Energy (BLE) protocols and stem from serious authentication issues in Airoha’s System-on-Chip (SoC) solutions.
Key Vulnerabilities Identified:
-
CVE-2025-20700: Missing authentication for GATT services
-
CVE-2025-20701: Missing authentication for Bluetooth BR/EDR
-
CVE-2025-20702: Custom protocol capabilities with near-critical severity (CVSS 9.6)
Combined, these issues could let attackers:
-
Access on-device microphones for remote eavesdropping
-
Redirect audio streams to hear the user’s surroundings
-
Send malicious commands to paired devices to initiate calls or extract sensitive data
Are Your Bluetooth Headphones at Risk?
Yes — if you own one of the affected models.
However, the good news is that these attacks require close-range access.
Bluetooth communication has a limited range, so an attacker would need to be physically near your headphones to exploit them.
Affected Headphones and Earbuds (as per ERNW’s June 25, 2025 report):
| Brand | Vulnerable Models |
|---|---|
| Beyerdynamic | Amiron 300 |
| Bose | QuietComfort Earbuds |
| EarisMax | Bluetooth Auracast Sender |
| Jabra | Elite 8 Active |
| JBL | Endurance Race 2, Live Buds 3 |
| JLab | Epic Air Sport ANC |
| Marshall | ACTON III, MAJOR V, MINOR IV, MOTIF II, STANMORE III, WOBURN III |
| MoerLabs | EchoBeatz |
| Sony | CH-720N, Link Buds S, ULT Wear, WF-1000XM3/4/5, WF-C500, WF-C510-GFP, WH-1000XM4/5/6, WH-CH520, WH-XB910N, WI-C100 |
| Teufel | Tatws2 |
Since Airoha chips are used in millions of Bluetooth audio products, the potential impact is massive.
How to Protect Your Bluetooth Headphones
While Airoha has reportedly developed a firmware fix, as of late June 2025, no updated firmware has been publicly released by headphone manufacturers.
In the meantime, users should take precautions:
1. Check for Firmware Updates
Use your headphone brand’s official app (such as Sony Headphones Connect or Bose Music) to see if new firmware is available.
2. Avoid Using in Sensitive Environments
If you own an affected model, avoid using it in places where privacy is critical, like during meetings or confidential calls.
3. Stay Informed
Watch for security advisories and updates from your headphone manufacturer and install patches as soon as they are released.
Why This Matters
As headphones become more integrated with our digital lives — from voice assistants and smart devices to phone calls and video chats — any Bluetooth security flaw becomes a significant privacy concern.
This latest Airoha vulnerability is a reminder that even trusted hardware can have hidden risks.