CVE-2025-20700

Published Aug 4, 2025

Last updated a month ago

CVSS high 8.8

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-20700 refers to a security vulnerability found in Airoha Bluetooth chips, which are used in numerous audio devices like headphones and earbuds from brands such as Sony, JBL, and Bose. The vulnerability stems from missing authentication for GATT Services. An attacker within Bluetooth range can exploit this vulnerability to gain unauthorized access to the device. Successful exploitation of CVE-2025-20700 can allow attackers to manipulate the device, potentially reading and writing RAM and flash memory. This can lead to hijacking trust relationships with paired smartphones, eavesdropping on conversations by activating the device's microphone, initiating or intercepting phone calls, and extracting phone numbers and contact lists from connected phones.

Description
In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This could lead to remote escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.
Source
security@mediatek.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
8.8
Impact score
5.9
Exploitability score
2.8
Vector string
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
HIGH

Weaknesses

security@mediatek.com
CWE-306

Social media

Hype score
Not currently trending

  1. CVE-2025-20700 (CVSS:8.8, HIGH) is Awaiting Analysis. In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protoc..https://t.co/rwGXp7LuPT #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    9 Aug 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. CVE-2025-20700 Bluetooth LE GATT Permission Bypass in Airoha SDK Enabling Privilege Escalation https://t.co/HOYFl1JCgI

    @VulmonFeeds

    4 Aug 2025

    94 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2025-20700 In the Airoha Bluetooth audio SDK, there is a possible permission bypass that allows access critical data of RACE protocol through Bluetooth LE GATT service. This cou… https://t.co/JCoSsXHuP1

    @CVEnew

    4 Aug 2025

    681 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  4. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/qL62ywHJsz

    @D_Hackz

    10 Jul 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/JKhJg4ulgq

    @cybersecur80472

    10 Jul 2025

    8 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/Xb9I8owMVz

    @nathy_hackers

    10 Jul 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/PcNYy00YiW

    @NumeroUnoHacker

    9 Jul 2025

    129 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/LC1mOxWP5k

    @cyberuncrack

    9 Jul 2025

    0 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/OBjqEbHBbZ

    @cyberecstasy01

    9 Jul 2025

    77 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  10. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/7urKK8D28s

    @hackersguru01

    8 Jul 2025

    84 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Bluetooth gap turns headphones into listening stations CVE-2025-20700: Missing Authentication for GATT Services CVE-2025-20701: Missing Authentication for Bluetooth BR/EDR CVE-2025-20702: Critical Capabilities of a Custom Protocol #hacks #China #f1jp https://t.co/qbNGFBYhFb

    @infiltr08

    6 Jul 2025

    195 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2025-20700 CVE-2025-20701 CVE-2025-20702 https://t.co/UzVVbS5oZ1

    @huseyin_y52727

    2 Jul 2025

    11 Impressions

    1 Retweet

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) allow attackers to hijack headphones, eavesdrop, and extract call logs without pairing. https://t.co/T426LkeaKw https://t.co/zpa59MfzEX

    @svobodacenter

    1 Jul 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.co

    @Shift6Security

    1 Jul 2025

    72 Impressions

    1 Retweet

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  15. Bluetooth flaws in 29 audio devices (Bose, Sony, Jabra) allow attackers within range to hijack the connection, make calls, and even eavesdrop via your phone’s mic. CVE-2025-20700 to -20702 show how ordinary devices can become high-risk entry points. #CyberSecurity https://t.c

    @Shift6Security

    1 Jul 2025

    2 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

    @dCypherIO

    30 Jun 2025

    25 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Bluetoothの脆弱性により、マイク通じた盗聴が可能になる恐れ(CVE-2025-20700、CVE-2025-20701、CVE-2025-20702) | Codebook|Security News https://t.co/C6Mla6RKhs

    @Luke06121

    30 Jun 2025

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  18. Bluetooth flaws could let hackers spy through your microphone Researchers uncovered three Bluetooth vulnerabilities (CVE-2025-20700 to -20702) in Airoha chipsets used in 29 audio devices from major brands like Sony, Bose, and JBL. The flaws allow attackers within Bluetooth range

    @dCypherIO

    30 Jun 2025

    7 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  19. Critical flaws in Airoha Bluetooth chips (CVE-2025-20700-20702) found in Bose, Sony, JBL, and other brands can turn headphones into spy devices, allowing live audio extraction and call hijacking #BluetoothSecurity #HeadphoneHack #Cybersecurity #AirohaChips https://t.co/WT1sjhnU0N

    @the_yellow_fall

    30 Jun 2025

    571 Impressions

    3 Retweets

    9 Likes

    2 Bookmarks

    0 Replies

    0 Quotes

  20. 多数のBluetoothオーディオ機器にマイクからの盗聴が可能となる脆弱性。Beyerdynamic、Bose、ソニー、Marshall、Jabra、JBL、Jlab、EarisMax、MoerLabs, Teufelの10社/29機種が対象。SoC上のAirohaシステムにおける3件の脆弱性(CVE-

    @__kokumoto

    29 Jun 2025

    905 Impressions

    0 Retweets

    6 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  21. Just opened a support ticket with @Sennheiser to check if my Sennheiser IE 100 Pro Wireless are affected by the zero day vulnerabilities CVE-2025-20702, CVE-2025-20700, CVE-2025-20701. Amazed to see: if they answer, when they answer and if it's affected.

    @mountainman1977

    29 Jun 2025

    48 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.