A new firmware update released by Apple closes a security hole that could allow a malicious actor to gain unauthorized access to the popular AirPods headphones.
The authentication issue, identified as CVE-2024-27867, could allow a threat actor in close proximity to exploit the vulnerability to eavesdrop on private conversations. Affected devices include AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.
In an advisory posted by Apple, they stated:
“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones”
The patch has been included as of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8.
AirPods are designed to update their firmware automatically when the headphones are paired with and in range of your iPhone, iPad, or Mac. You can check the firmware version of your wireless headphones in Bluetooth settings on your device.
- On iPhone or iPad, go to Settings > Bluetooth.
- On Mac, go to System Settings > Bluetooth.
- Then tap the info button next to your headphones.
Airpods are growing in popularity with both commercial and retail consumers who already use other apple products. An previous article from Bloomberg indicated that Airpods made up 31.8% of the headphone market in 2022.