Apple patches Beats Studio Buds wiretap vulnerability

Apple has released Beats Firmware Update 1B211 to fix a Bluetooth vulnerability in Beats Studio Buds that could let an attacker within Bluetooth range listen through the earbuds’ microphone while the earbuds were unpaired. The issue is tracked as CVE-2025-20701.

The fear is simple: your earbuds shouldn’t become someone else’s microphone.

On June 16, Apple released Beats Firmware Update 1B211 to address a Bluetooth vulnerability in Beats Studio Buds. The company said the flaw could allow an attacker within Bluetooth range to listen through the earbuds’ microphone while the device was unpaired and actively seeking a connection.

The problem is tracked as CVE-2025-20701. In its security advisory, Apple described it as a vulnerability in open source code and said Apple software was among the affected projects. Apple credited Dennis Heinze and Frieder Steinmetz of ERNW GmbH for reporting the issue.

Apple’s wording stays focused on the “pairing” moment—when trust is still being negotiated. The security advisory said an attacker may have been able to listen through the microphone of a device that was not yet paired and was actively seeking a pairing request.

Other details point to how narrow that opening can be. The Hacker News reported that CVE-2025-20701 involved incorrect authorization in the Airoha Bluetooth audio SDK. That could allow a Bluetooth audio device to pair without user consent. The Hacker News also reported a CVSS score of 8.8 for the vulnerability.

ERNW researchers had previously discussed related Airoha system-on-a-chip flaws at the TROOPERS security conference in Germany. The Hacker News said those researchers described many vulnerabilities that could allow attackers to take over headphones via Bluetooth without authentication or pairing.

The timing matters because this isn’t the kind of attack that slips in from across the internet. The attacker would need to be close—within Bluetooth range—and the Beats Studio Buds would need to be unpaired and actively looking for a pairing request.

Malwarebytes explained how that turns into a practical risk: the flaw affects the authentication process during pairing. In a normal pairing flow, headphones and a phone establish trust before sensitive functions, such as microphone access, become available. In this case, a nearby attacker could potentially pose as a legitimate pairing partner before the user finishes connecting the earbuds.

That limitation changes what kind of threat this looks like in the real world. It’s more likely to fit targeted attacks than broad criminal campaigns. Opportunistic attackers, Malwarebytes said, are still more likely to use phishing, password theft, or credential stuffing than specialized Bluetooth attacks.

Still, the stakes feel personal for people who handle sensitive conversations in public spaces—executives, journalists, public officials, security staff, and employees working near shared devices. For them, the idea of a microphone being reachable through a routine wireless connection can’t be dismissed as theoretical.

Apple also made the update path clear. Beats firmware updates are delivered automatically while the headphones are paired with and in Bluetooth range of an iPhone, iPad, or Mac. There is no manual “update now” button for Beats Studio Buds.

Users can confirm what’s installed by checking the firmware version in Bluetooth settings. On an iPhone or iPad, Apple said to go to Settings, then Bluetooth, and tap the information button next to the Beats Studio Buds. On a Mac, go to System Settings, then Bluetooth, and check the information next to the headphones.

After the update is applied, the firmware version should show 1B211. If an older version appears, Apple advised users to keep the earbuds charged, connected, and near their Apple device until the update installs.

For IT teams, Apple’s fix lands with a reminder that peripherals can matter just as much as phones and laptops. Bluetooth accessories may sit outside traditional endpoint management, but they still interact with microphones, devices, accounts, and conversations organizations work hard to protect.
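For teams that want to run the firmware check described above across managed Macs, here is an added example (not from Apple or the original article) that audits a Bluetooth report for Beats Studio Buds below 1B211. The JSON key names, the version ordering (number, letter, build) and matching by device name are assumptions to verify against your own `system_profiler SPBluetoothDataType -json` output.

```python
import json
import re
import subprocess

FIXED = "1B211"  # fixed firmware version named in the article
# Constructed sample shaped like `system_profiler SPBluetoothDataType -json`
# output. The key names are assumptions; adjust them to what your macOS emits.
SAMPLE = json.dumps({"SPBluetoothDataType": [{
    "device_connected": [
        {"Beats Studio Buds": {"device_firmwareVersion": "1A142"}},
        {"Office Keyboard": {"device_minorType": "Keyboard"}},
    ],
    "device_not_connected": [
        {"Sam's Beats Studio Buds": {"device_firmwareVersion": "1B211"}},
        {"Beats Studio Buds (spare)": {}},
    ],
}]})

def version_key(version):
    """Split '1B211' into (1, 'B', 211) for ordering (assumed scheme); None if unparsable."""
    m = re.fullmatch(r"(\d+)([A-Z])(\d+)", (version or "").strip().upper())
    return (int(m.group(1)), m.group(2), int(m.group(3))) if m else None

def audit(report_json, model="Beats Studio Buds", fixed=FIXED):
    """Return (name, version, status) for each known device whose name contains `model`."""
    results = []
    for section in json.loads(report_json).get("SPBluetoothDataType", []):
        for group in ("device_connected", "device_not_connected"):
            for entry in section.get(group, []):
                for name, props in entry.items():
                    if model.lower() not in name.lower():
                        continue
                    version = props.get("device_firmwareVersion")
                    key = version_key(version)
                    if key is None:
                        status = "unknown"  # not reported: check Bluetooth settings by hand
                    else:
                        status = "ok" if key >= version_key(fixed) else "outdated"
                    results.append((name, version, status))
    return results

def live_report():
    """Collect the real report on a Mac (the sample run below does not call this)."""
    cmd = ["system_profiler", "SPBluetoothDataType", "-json"]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout

if __name__ == "__main__":
    for row in audit(SAMPLE):
        print(row)
```

Devices that users have renamed will not match by name, so treat an empty result as "not found" rather than "patched".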

4 Comments

  1. I swear every update is just more stuff to “fix” after it’s already been hacked. Like what are they even doing in the first place? If it needs to be unpaired, then my phone probably does that all the time anyway.

  2. Wait, I read this as like the earbuds wiretapped me through the mic even when they’re connected… which is terrifying. But then it says Bluetooth range and unpaired?? So if I’m using them, am I safe or is it still searching for connections while I’m listening? Kinda confused.

  3. This is why I don’t trust Bluetooth anything. Next thing you know people are gonna be “listening” like it’s a spy movie. Also CVE whatever sounds like a scammy code. Just sell regular earbuds and stop making them smart.
