Important note: Some media coverage on this topic falsely or inaccurately depicts the attack conditions. To be clear: Any vulnerable device can be compromised if the attacker is in Bluetooth range. That is the only precondition. During our research on Bluetooth headphones and earbuds, we identified several vulnerabilities in devices that incorporate Airoha Systems on a Chip (SoCs). In t ...

Security researchers found that probably millions of Bluetooth headphones are vulnerable to an attack that lets others read data from the headphones, including the pairing key material for the communication with a paired device, thus allowing to impersonate the headphones. As a result, one can use a spoofed connection to read contact data from phones, but also make phone calls or use Siri voice commands to let the phone execute actions.

There is currently no fix.