Improved State Management Fixes Authentication Issue

Summary

The CVE-2024-27867 vulnerability affects a wide range of Apple’s wireless audio devices, including AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro. It allows an attacker within Bluetooth range to spoof the intended source device and gain unauthorized access to the headphones. The impact of the vulnerability is significant, as it could allow attackers to intercept audio streams, inject malicious audio, or gain access to the device’s microphone. Apple has released firmware updates to address the issue, and users are urged to update their devices promptly to mitigate the risk. While the risk of exploitation is considered small, updating devices to the latest firmware is recommended to ensure security and optimal performance.

News Articles

Forbes

CVE-2024-27867

Apple Issues New AirPods Security Update For Eavesdropping Flaw

Apple has issued an update for AirPods to fix a flaw that could allow an attacker to eavesdrop on your conversations. Here's what you need to know.

6 months ago

CybersecurityNews

CVE-2024-27867

Apple AirPods Bluetooth Vulnerability Lets Attackers Gain Access to Device

Apple has recently released critical firmware updates for its AirPods and Beats headphones to address a significant Bluetooth vulnerability.

6 months ago

Magasin MACKEN

CVE-2024-27867

Apple åtgärdar allvarligt säkerhetsbugg i Bluetooth - som kan exploateras för att avlyssna dig

Buggen har fått namnet CVE-2024-27867, och det är ett autentiseringsproblem, som finns i mjukvara för AirPods (andra generationen och senare), AirPods Pro (alla…

6 months ago

References