CVE-2025-20701

HIGH · 8.8 EPSS 3.4%

hype MIXED · 62 hack

Vendor patch + high CVSS credible; no KEV, no public PoC, nascent chatter.

What: Airoha Bluetooth audio SDK authorization flaw in Apple Beats Studio Buds allowing unpaired nearby attackers to establish pairing and eavesdrop via microphone without user consent (CVSS 8.8).

Why it matters: Apple has released firmware 1B211 patch; high CVSS and no-user-interaction requirement drive vendor urgency. Not yet KEV-listed, and no public PoC reported, but patch availability and coordinated disclosure indicate credible vulnerability. Defender triage is active.

Where it's seen: Security news outlets and social platforms echoing Apple's advisory; multilingual coverage (English, French, Japanese) amplifies reach. Firmware version and patch details circulating. No exploit code or in-the-wild reports yet.

RISK: HIGH — High CVSS, no user interaction, remote pairing + eavesdropping on consumer audio hardware.

Generated by claude-haiku-4-5 from public posts and authoritative metadata. AI can make mistakes — verify against vendor advisories before acting. 6/19/2026, 10:29:31 AM

Description

In the Airoha Bluetooth audio SDK, there is a possible way to pair Bluetooth audio device without user consent. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.

CVSS 3.1 breakdown

Exploitability 2.8 · Impact 5.9

vector CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Attack vector: Adjacent network
Complexity: Low
Privileges required: None
User interaction: None
Scope: Unchanged
Confidentiality: High
Integrity: High
Availability: High

Weaknesses

CWE-863

References

Other · 1

https://www.airoha.com/product-security-bulletin/2025