Apple has released a security update for Beats Studio Buds after identifying CVE-2025-20701, a Bluetooth-related flaw. The vulnerability could allow a nearby attacker to listen through the microphone of a device that has not yet been paired and is actively seeking a pairing request. The issue was resolved in Beats Firmware Update 1B211, which was released on June 16, 2026.
Apple’s advisory notes that the vulnerability affects Beats Studio Buds and stems from a problem in open-source code, with the CVE assigned by a third party.
What is the Impact of CVE-2025-20701?
The impact of CVE-2025-20701 is limited to an attacker within Bluetooth range. However, the security risk is still significant because the vulnerability could expose microphone audio without the user’s consent. The flaw is reportedly tied to incorrect authorization in the Airoha Bluetooth audio SDK, which could permit Bluetooth pairing without user approval.
Experts classify CVE-2025-20701 as a high-severity privilege escalation issue with a CVSS score of 8.8. It has also been described as an authorization bypass that allows unauthorized pairing of Bluetooth audio devices.
The Timeline of the Beats Studio Buds Vulnerability:
Apple attributed the discovery of the Beats Studio Buds vulnerability, CVE-2025-20701, to Dennis Heinze and Frieder Steinmetz of ERNW GmbH. Reportedly, the weakness first surfaced publicly in June 2025, when the researchers presented related Airoha SoC flaws at the TROOPERS conference in Germany, alongside two other CVEs, CVE-2025-20700 and CVE-2025-20702. The National Vulnerability Database published the vulnerability on August 4, 2025.
Apple’s advisory is a reminder that Bluetooth peripherals can carry security risks even when they are not traditional computing devices. The flaw could be part of a broader class of Bluetooth authorization weaknesses affecting Airoha-based audio products.
Update to Patch the Flaw:
Apple released Beats Firmware Update 1B211 to patch CVE-2025-20701. According to the published advisory, firmware updates for wireless headphones are delivered automatically while the headphones are paired with and within Bluetooth range of an iPhone, iPad, or Mac. Additionally, users can check the current firmware version through Bluetooth settings on their Apple device.
This indicates that the fix does not require a separate installer but does depend on the accessory being connected during the normal Apple update flow.
The flaw raises concerns about unauthorized access to Bluetooth devices. The concern is not just unauthorized pairing but the possibility of microphone access on a nearby accessory before the user has fully established trust with the device. Apple’s patch closes the issue for Beats Studio Buds immediately, although installing it requires the device to be near and connected to an Apple device.