"Apple Releases First-Ever Security Updates for Beats, AirPods Headphones"

Apple has recently released the first-ever security updates for its Beats and AirPods products to patch a vulnerability that can be exploited to gain access to headphones through a Bluetooth attack.  The flaw is tracked as CVE-2023-27964, and it was reported to Apple by Yun-hao Chung and Archie Pusaka of Google ChromeOS.  The vulnerability has been described as an authentication issue.  Apple noted that when your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.  The firmware update for AirPods (5E133), including the Pro and Max models, was made available on April 11, while the Beats firmware update (5B66), including for Powerbeats Pro and Beats Fit Pro, was released on May 2.  Apple stated that firmware updates are delivered automatically to AirPods and Beats headphones while they are charging and in Bluetooth range of the user’s iPhone, iPad, or Mac.  Users can check whether their headset is running the latest firmware version.  

SecurityWeek reports: "Apple Releases First-Ever Security Updates for Beats, AirPods Headphones"