Apple has released an important security update for Beats Studio Buds after fixing a vulnerability that could allow nearby attackers to misuse the earbuds’ microphone. The issue affected devices that were not yet paired and were actively searching for Bluetooth connections. According to Apple’s security advisory, an attacker within Bluetooth range could potentially listen through the microphone under specific conditions.
The vulnerability has been identified as CVE-2025-20701 and was linked to open-source code used in affected software projects. Security researchers discovered that the flaw originated from a weakness in the Bluetooth BR/EDR radio implementation used by the underlying hardware platform. Apple confirmed that its software was among the projects impacted by the issue.
Researchers Dennis Heinze and Frieder Steinmetz of ERNW GmbH were credited with finding the flaw. Their investigation revealed that the weakness stemmed from missing authentication protections within the Bluetooth communication process. This meant that, under certain circumstances, unauthorized devices could establish a connection without the expected security checks being properly enforced.
Security experts explained that the attack required the target earbuds to be unpaired and actively seeking pairing requests. In addition, the attacker needed to be physically close enough to remain within Bluetooth communication range. While these conditions limit the attack scenario, the flaw still raised privacy concerns because it could expose audio captured by the earbuds’ microphone.
Apple addressed the issue through Beats Firmware Update 1B211. The company says the update is automatically delivered to vulnerable Beats Studio Buds when they are paired with a supported Apple device and meet the necessary update conditions. The firmware update was released on June 16, 2026, as part of Apple’s ongoing security maintenance efforts.
The incident highlights how wireless devices can become targets for attackers when weaknesses exist in communication protocols. Bluetooth technology is widely used across consumer electronics, making security flaws particularly important to address quickly. Even though exploitation required close physical proximity, the vulnerability demonstrated how privacy could be affected through seemingly routine wireless interactions.
Reports also noted that similar vulnerabilities affected other audio products using the same underlying technology platform. Several manufacturers have already issued fixes for impacted devices. The discovery serves as a reminder that security issues in shared software components can extend across multiple products and brands, creating broader risks throughout the technology ecosystem.
For Beats Studio Buds users, installing the latest firmware remains the most effective way to stay protected. Apple’s update closes the vulnerability and prevents attackers from exploiting the microphone-related weakness. As wireless devices continue to play a larger role in daily life, timely firmware updates remain an essential part of maintaining security and protecting user privacy.
Stay alert, and keep your security measures updated!
Source: Follow cybersecurity88 on X and LinkedIn for the latest cybersecurity news
