CVE-2025-20700

Airoha Bluetooth RACE vulnerabilities (CVE-2025-20700/20701/20702) Blog post: https://t.co/ZQ1PSdKoX0 White paper: https://t.co/cPOi3TXYSa Credits Dennis Heinze, Frieder Steinmetz (@ERNW_ITSec) #infosec #bluetooth https://t.co/N09ePAiGPU

ATK-maailmassa on levinnyt tieto uudesta Bluetooth laitteisiin liittyvästä tietoturvallisuushaavoittuvuudesta (tunnisteet: CVE-2025-20700, CVE-2025-20701 ja CVE-2025-20702). Kyseiset haavoittuvuudet koskevat kuluttajatuotteita, jotka käyttävät yhtä tiettyä Bluetooth modu

Dear @Bose when do you plan to fix: CVE-2025-20700: No authentication on BLE CVE-2025-20701: No authentication on BT Classic CVE-2025-20702: Debug protocol exposed that should never be accessible which make the Airoha chipset on your QC Buds an open door to my phone?

those bluetooth earbuds, speakers, etc. 👀 CVE-2025-20700 / CVE-2025-20701 / CVE-2025-20702 https://t.co/XNMwcpt9Ep

⚠️ Vulnerabilidades en chipsets Bluetooth ❗ CVE-2025-20700 ❗ CVE-2025-20701 ❗ CVE-2025-20702 ➡️ Más info: https://t.co/0znjTzVrM4 https://t.co/6FsC7RUzch

🚨 Bluetooth exploit toolkit released for Airoha headphone flaws impacting major brands Researchers published full technical details and a testing toolkit for three Airoha-based Bluetooth vulnerabilities (CVE-2025-20700/20701/20702) that can be abused by an attacker within

Bluetooth Headphone Jacking: Full Disclosure of Airoha RACE Vulnerabilities This blog post is about CVE-2025-20700, CVE-2025-20701, and CVE-2025-20702 vulnerabilities technical details in Airoha-based Bluetooth headphones and earbuds. https://t.co/HGPppeXr94 pdf: https://t.co/11U

به تازگی برای پروتکل Airoha که مبتنی بر Bluetooth می باشد و در بیشتر هدفون های Sony و مارشال و سایر هدفون های دیگر استفاده می شود ، آسیب پذیری هایی با کد های شناسایی C

🚨 Bluetooth Headphone Flaws Let Attackers Hijack Connected Smartphones Researchers disclosed three Airoha SoC issues (CVE-2025-20700/20701/20702) that allow nearby attackers to access the RACE protocol without proper authentication, then extract the Bluetooth Link Key and

🚨 Airoha Bluetooth Headphone Flaws Let Attackers Hijack Paired Smartphones Three bugs (CVE-2025-20700/20701/20702) in Airoha’s RACE protocol allow nearby attackers to connect without authentication, gain arbitrary memory read/write, and extract the Bluetooth link key to

Researchers detail CVE-2025-20700/1/2 in Airoha-based Bluetooth headphones from Sony, Bose, JBL, allowing eavesdropping and smartphone hijack. Firmware updates urged. #Bluetooth https://t.co/Klhv8Iy6mn

Hey @Bose/@BoseService fix the BT CVE on your headphones CVE-2025-20700, CVE-2025-20701, CVE-2025-20702 https://t.co/PGt3aboa11 https://t.co/nAGqHybae3

Bluetoothの脆弱性により、マイク通じた盗聴が可能になる恐れ（CVE-2025-20700、CVE-2025-20701、CVE-2025-20702） https://t.co/5917jBlcSB これ関連のアップデートかな? やっぱり……対象だった😳 https://t.co/MEog2LU6yN

CVE-2025-20700 (CVSS:8.8, HIGH) is Awaiting Analysis. In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protoc..https://t.co/rwGXp7LuPT #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

CVE-2025-20700 Bluetooth LE GATT Permission Bypass in Airoha SDK Enabling Privilege Escalation https://t.co/HOYFl1JCgI

CVE-2025-20700 In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This cou… https://t.co/JCoSsXHuP1

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/qL62ywHJsz

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/JKhJg4ulgq

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/Xb9I8owMVz

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/PcNYy00YiW

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/LC1mOxWP5k

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/OBjqEbHBbZ

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/7urKK8D28s

Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/qbNGFBYhFb

CVE-2025-20700 CVE-2025-20701 CVE-2025-20702 https://t.co/UzVVbS5oZ1

Flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) allow attackers to hijack headphones, eavesdrop, and extract call logs without pairing. https://t.co/T426LkeaKw https://t.co/zpa59MfzEX

Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.co

Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.c

Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

Bluetoothの脆弱性により、マイク通じた盗聴が可能になる恐れ（CVE-2025-20700、CVE-2025-20701、CVE-2025-20702） | Codebook｜Security News https://t.co/C6Mla6RKhs

Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

Critical flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) found in Bose, Sony, JBL, and other brands can turn headphones into spy devices, allowing live audio extraction and call hijacking #BluetoothSecurity #HeadphoneHack #Cybersecurity #AirohaChips https://t.co/WT1sjhnU0N

多数のBluetoothオーディオ機器にマイクからの盗聴が可能となる脆弱性。Beyerdynamic、Bose、ソニー、Marshall、Jabra、JBL、Jlab、EarisMax、MoerLabs,　Teufelの10社/29機種が対象。SoC上のAirohaシステムにおける3件の脆弱性(CVE-

Just opened a support ticket with @Sennheiser to check if my Sennheiser IE 100 Pro Wireless are affected by the zero day vulnerabilities CVE-2025-20702, CVE-2025-20700, CVE-2025-20701. Amazed to see: if they answer, when they answer and if it's affected.