A high-severity vulnerability in the Beats Studio Buds wireless earbuds has been patched by Apple, addressing a flaw that allowed unauthorized access to the device's audio feed. The vulnerability, identified as CVE-2025-20701, enabled attackers to impersonate previously paired devices and eavesdrop on users within signal range. This was made possible by improper authentication in the firmware of the Bluetooth-related chips. As a result, nearby hackers could intercept conversations or sounds captured by the phone's microphone. The patch is significant, as the vulnerability could be exploited by attackers to gain unauthorized access to sensitive information1. This vulnerability highlights the importance of regular firmware updates for wireless devices, as unpatched flaws can be exploited by malicious actors. The patching of this vulnerability is crucial for maintaining the security and privacy of Beats Studio Buds users, making it essential for practitioners to prioritize firmware updates for their devices.
Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds
⚠️ Critical Alert
Why This Matters
CVE-2025-20701 is in active discussion involving Apple — exploitation status determines whether this is patch-now or monitor.
References
- Ars Technica. (2026, June 18). Apple patches high-severity eavesdropping vulnerability in Beats Studio Buds. *Ars Technica*. https://arstechnica.com/apple/2026/06/apple-patches-high-severity-eavesdropping-vulnerability-in-beats-studio-buds/
Original Source
Ars Technica
Read original →