Multiple vulnerabilities in Airoha Bluetooth chips can allow attackers to take control of headphones and earbuds from various vendors by exploiting insecure protocols exposed via BLE GATT and Bluetooth BR/EDR. These flaws enable reading and writing device memory, hijacking trust relationships, and even rewriting firmware, posing significant security risks for high-value targets.
Key points
- Vulnerabilities in Airoha's Bluetooth chips affect major headphone manufacturers like Sony and Marshall.
- The flaws stem from exposed custom protocols over BLE GATT and Bluetooth Classic, lacking authentication.
- Attackers within Bluetooth range can hijack devices, intercept media, or manipulate firmware without pairing.
- The vulnerabilities pose risks mainly to high-profile individuals such as diplomats and journalists.
- Airoha has released a new SDK version to fix these issues, but some vendors have not yet applied updates.
Read More: https://www.securityweek.com/airoha-chip-vulnerabilities-expose-headphones-to-takeover/