Bluetooth Vulnerability in Samsung Galaxy Buds and Galaxy Buds 2
CVE-2024-58101

8.1HIGH

Key Information:

Vendor: Samsung
Status: Galaxy Buds
Vendor: CVE Published:; 14 May 2025

What is CVE-2024-58101?

The Samsung Galaxy Buds and Galaxy Buds 2 audio devices have been identified with a Bluetooth pairing vulnerability that allows them to connect without user input. This feature exposes users to risks such as unauthorized audio playback takeover and potential microphone recording, all occurring without any user consent or notification. The lack of controls to disable this pairing mode raises significant privacy concerns for owners of these audio devices.

References

https://www.tarlogic.com/blog/cve-2024-58101

CVSS V3.1

Score:

8.1

Severity:

HIGH

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 14, 2025
Vulnerability Reserved
Mar 6, 2025