Three vulnerabilities have been identified in Bluetooth headphones made by the likes of Sony, Jabra and Marshall that could allow attackers to eavesdrop on conversations or retrieve call history and stored contacts.
The headphones all use chipsets manufactured by Airoha – a firm that has become a large supplier in the Bluetooth audio space, especially for True Wireless Stereo earbuds.
Security researchers ERNW found that “powerful custom protocols” could be executed on the devices through attacks that give read and write access to either the RAM or the flash storage. Crucially, they can be executed by attackers who are not paired with the devices – they merely need to be within Bluetooth range.
ENRW said it did not want to “disclose too many details” including the specifics of the vulnerabilities as they may be difficult to patch by vendors.
It added: “One other issue we identified is that some vendors are not even aware that they are using an Airoha system-on-chip. They have outsourced...