Techly NewsGet the app

Get the latest tech news

AirPods fast connect security vulnerability


: There’s a security vulnerability (CVE-2024-27867) in the firmware of Apple AirPods. Anyone who knows the Bluetooth MAC address (which is somewhat public) can connect to your AirPods and listen to the microphone or play music.

Some very important ones: The AirPods forget to check the security level of the connection, i.e. “ did the other side actually authenticate itself and turn on encryption? Once connected, an attacker can do everything a legitimate device can do, listen to the microphone, play music, see and pause the music that is currently playing from another connected device, or do various things the AAP protocol can do (like changing settings, crashing the AirPods by sending badly formatted messages, and a lot more things I haven’t looked into). I’d like to give a special thanks to Jiska Classen from University of Potsdam for helping with a bunch of Bluetooth questions and tips about the disclosure process.

Get the Android app

Or read this on Hacker News

Read more on:

Photo of AirPods

AirPods

Related news:

News photo

iOS 18 to Bring These 5 New Features to AirPods Pro

News photo

AirPods and Beats Firmware Updates Address Important Security Issue

News photo

Apple Releases New Firmware for AirPods, AirPods Pro, AirPods Max and More

« 90 Workers Given a Choice: Relocate Across the US, or Leave the Company
Enhancing the New York Times Web Performance with React 18 »