Apple released its latest firmware update for its AirPods products to address a vulnerability that could give a threat actor unauthorized access.
The vulnerability is tracked as CVE-2024-27867 and affects AirPods (second generation and later) and AirPods Pro (all models), as well as AirPods Max, Powerbeats Pro, and Beats Fit Pro.
“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones,” reported Apple in an advisory.
To fix for the issue, Apple said that an “authentication issue was addressed with improved state management” in AirPods firmware update 6A326, AirPods firmware update 6F8, and Beats firmware update 6F8. These firmware updates are automatically delivered to a user’s device while the headphones or AirPods are in Bluetooth range of an iPhone, iPad, or Mac.
Apple credited Jonas Dreßler for the discovery of the flaw as with well as reporting the bug to the company.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/bltab06c0b454a23ac7/667c659dfa65e3ca29e75b9a/airpods_Hoor_Aloraidh_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop
