CVE-2025-20700

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20700 refers to a security vulnerability found in Airoha Bluetooth chips, which are used in numerous audio devices like headphones and earbuds from brands such as Sony, JBL, and Bose. The vulnerability stems from missing authentication for GATT Services. An attacker within Bluetooth range can exploit this vulnerability to gain unauthorized access to the device. Successful exploitation of CVE-2025-20700 can allow attackers to manipulate the device, potentially reading and writing RAM and flash memory. This can lead to hijacking trust relationships with paired smartphones, eavesdropping on conversations by activating the device's microphone, initiating or intercepting phone calls, and extracting phone numbers and contact lists from connected phones.

Description
-

Social media

Hype score
Not currently trending

  1. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/qbNGFBYhFb

    @infiltr08

    6 Jul 2025

    195 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-20700 CVE-2025-20701 CVE-2025-20702 https://t.co/UzVVbS5oZ1

    @huseyin_y52727

    2 Jul 2025

    11 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) allow attackers to hijack headphones, eavesdrop, and extract call logs without pairing. https://t.co/T426LkeaKw https://t.co/zpa59MfzEX

    @svobodacenter

    1 Jul 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.co

    @Shift6Security

    1 Jul 2025

    72 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.c

    @Shift6Security

    1 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

    @dCypherIO

    30 Jun 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Bluetoothの脆弱性により、マイク通じた盗聴が可能になる恐れ(CVE-2025-20700、CVE-2025-20701、CVE-2025-20702) | Codebook|Security News https://t.co/C6Mla6RKhs

    @Luke06121

    30 Jun 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

    @dCypherIO

    30 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Critical flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) found in Bose, Sony, JBL, and other brands can turn headphones into spy devices, allowing live audio extraction and call hijacking #BluetoothSecurity #HeadphoneHack #Cybersecurity #AirohaChips https://t.co/WT1sjhnU0N

    @the_yellow_fall

    30 Jun 2025

    571 Impressions

    3 Retweets

    9 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  10. 多数のBluetoothオーディオ機器にマイクからの盗聴が可能となる脆弱性。Beyerdynamic、Bose、ソニー、Marshall、Jabra、JBL、Jlab、EarisMax、MoerLabs, Teufelの10社/29機種が対象。SoC上のAirohaシステムにおける3件の脆弱性(CVE-

    @__kokumoto

    29 Jun 2025

    905 Impressions

    0 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  11. Just opened a support ticket with @Sennheiser to check if my Sennheiser IE 100 Pro Wireless are affected by the zero day vulnerabilities CVE-2025-20702, CVE-2025-20700, CVE-2025-20701. Amazed to see: if they answer, when they answer and if it's affected.

    @mountainman1977

    29 Jun 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.