Date: 2025-07-04

India's cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity warning for users of Bluetooth audio devices.

The agency said that multiple vulnerabilities have been reported in Airoha Bluetooth firmware, which could allow attackers to gain unauthorised access to Bluetooth audio devices such as the Sony WH-1000XM5, JBL Live Buds 3, Bose QuietComfort Earbuds, and Marshall Motif II.

“The vulnerabilities exist in Airoha Systems-on-Chip (SoCs) due to missing authentication in the GATT service and the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) component, as well as a flaw in a custom protocol,” CERT-In said in the warning issued on July 2.

“An attacker could exploit these vulnerabilities by establishing connections between mobile devices and audio Bluetooth devices and by delivering commands via the Bluetooth Hands-Free Profile (HFP),” it added.

It warned that attackers could potentially eavesdrop on or manipulate audio communications and intercept or inject commands on the targeted system.

CERT-In said that Airoha supplied an update containing firmware fixes to all device manufacturers on 4 June 2025. “Each vendor is expected to release product-specific firmware updates in its next scheduled cycle,” it said.

According to a Business Standard report, Airoha is a leading supplier of Bluetooth audio chipsets (SoCs), commonly used in True Wireless Stereo (TWS) earbuds and other audio equipment manufactured by top brands like Sony and JBL.

Which devices are affected?

German cybersecurity firm Enno Rey Netzwerke GmbH (ERNW) said that 29 audio products across 10 brands are impacted.

The brands include Bose, Sony, JBL, Jabra, Marshall, Beyerdynamic, JLab, EarisMax, MoerLabs, and Teufel. The affected devices range from wireless headphones and earbuds to microphones and speakers.

Some of the models confirmed vulnerable include Beyerdynamic Amiron 300, Bose QuietComfort Earbuds, EarisMax Bluetooth Auracast Sender, Jabra Elite 8 Active, JBL Endurance Race 2, JBL Live Buds 3, JLab Epic Air Sport ANC, Marshall ACTON III, Marshall MAJOR V, Marshall MINOR IV, Marshall MOTIF II, Marshall STANMORE III, Marshall WOBURN III, MoerLabs EchoBeatz, Sony CH-720N, Sony Link Buds S, Sony ULT Wear, Sony WF-1000XM3, Sony WF-1000XM4, Sony WF-1000XM5, Sony WF-C500, Sony WF-C510-GFP, Sony WH-1000XM4, Sony WH-1000XM5, Sony WH-1000XM6, Sony WH-CH520, Sony WH-XB910N, Sony WI-C100, Teufel Tatws2.