The vulnerability, identified as CVE-ID 2023-27964, was discovered by researchers from the Google ChromeOS team. The exploit happens when the headsets are searching for a connection with one of the previously paired devices, and an attacker within Bluetooth range can impersonate the intended source device.
Apple has confirmed that a firmware update with build 5B66 fixed the authentication issue. The update process is automatic and users cannot force it. The firmware update happens if the headphones are near an Apple device and in the charging case. Apple recommends making sure your connected iPhone or iPad has the latest software update.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
