Microsoft continues to work tirelessly to fix bugs and patch security holes in Windows to help protect users from hackers and cybercriminals. However, new reports have surfaced highlighting serious security flaws—not in Windows, but in popular Bluetooth chipsets found in a wide range of devices.
And there’s real reason to be concerned. These newly discovered vulnerabilities affect dozens of Bluetooth-enabled devices, giving attackers the potential to take control of gadgets or even eavesdrop through microphones. The cybersecurity team at Bleeping Computer recently shared more details on these findings.
Which Devices Are Affected?
The issues lie within Bluetooth chipsets made by Airoha, which are used in over 20 device models from top brands like Sony, JBL, Marshall, Bose, Beyerdynamic, JLab, and MoerLabs. The devices impacted include wireless headphones, earbuds, speakers, and microphones.
If exploited, these vulnerabilities could allow cybercriminals to gain complete control over the device, access sensitive data, or spy on users by intercepting audio streams.
What Exactly Did Researchers Discover?
The findings were presented at Troopers, a cybersecurity conference in Germany, by researchers from ERNW, a German cybersecurity firm. They identified three vulnerabilities in the Airoha chipsets used in true wireless stereo (TWS) devices:
- CVE-2025-20700: A medium-severity flaw (score 6.7) related to lack of proper authentication for GATT services.
- CVE-2025-20701: Another medium-severity issue (score 6.7) tied to weak authentication for Bluetooth BR/EDR communication.
- CVE-2025-20702: A higher-severity vulnerability (score 7.5) that poses greater risks.
The researchers developed a proof-of-concept exploit to demonstrate the risks. In tests, they were able to read audio being played on the vulnerable devices.
How Could Attackers Exploit This?
In theory, an attacker could hijack the connection between a phone and a Bluetooth audio device, take control of the hands-free system, and issue commands to the connected phone. In some cases, depending on the phone’s settings, attackers could access contacts, call history, and even listen to private conversations.
Worse still, they could overwrite the device’s firmware, opening the door to more advanced and persistent attacks by installing malicious code remotely.
How Serious Is the Threat?
While the risks are significant on paper, researchers made it clear that exploiting these flaws would be extremely difficult. An attacker would need advanced technical skills and would often have to be physically close to the target device. This makes widespread attacks unlikely, particularly against high-profile individuals.
What’s Being Done About It?
Fortunately, Airoha has already developed patches to fix these vulnerabilities, and device manufacturers have begun rolling them out to users. With time, these security holes should be closed.
As always, keeping devices updated with the latest firmware is the best defense. Users are encouraged to check for updates regularly to stay protected from emerging threats.
