A critical Bluetooth vulnerability, tracked as CVE-2025-20701, has been patched in Apple's Beats Studio Buds, which could have potentially allowed attackers to exploit the earbuds as a wiretap. The flaw, affecting Airoha system-on-a-chip devices, was disclosed by researchers at a security conference, highlighting the risk of everyday audio gear being turned into eavesdropping tools. Apple has since addressed the issue, but the exploitation status of CVE-2025-20701 remains a concern, with active discussions involving the company1. The vulnerability could have been abused by skilled attackers in close proximity to the earbuds, emphasizing the importance of prompt patching. This incident underscores the need for manufacturers to prioritize security in their products, particularly those with Bluetooth capabilities. The patching of this vulnerability is crucial for preventing potential eavesdropping, making it essential for users to ensure their devices are updated, so what matters most to practitioners is verifying the patch has been successfully applied to prevent exploitation.
Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap
⚡ High Priority
Why This Matters
CVE-2025-20701 is in active discussion involving Apple — exploitation status determines whether this is patch-now or monitor.
References
- Malwarebytes Labs. (2026, June 19). Apple patches Beats Studio Buds flaw that could turn earbuds into a wiretap. *Malwarebytes*. https://www.malwarebytes.com/blog/bugs/2026/06/apple-patches-beats-studio-buds-flaw-that-could-turn-earbuds-into-a-wiretap
Original Source
Malwarebytes Labs
Read original →