Recommended reading

This worrying Bluetooth security flaw could let hackers spy on your device via microphone

News
By published

Bugs can be used to pull a phone's contacts list

A close-up of the mobile connectivity options in iOS, showing buttons for Airplane Mode, mobile data, Wi-Fi, and Bluetooth.
(Image credit: Brett Jordan / Pexels)
  • Security researchers found three medium-severity flaws in Bluetooth SoCs
  • When chained, they can be used to eavesdrop on conversations, and more
  • Patches are being developed, so be on your guard

Security researchers have uncovered three vulnerabilities in a Bluetooth chipset present in dozens of devices from multiple manufacturers.

The vulnerabilities, they say, can be exploited to eavesdrop on people’s conversations, steal call history and contacts information, and possibly even deploy malware on vulnerable devices.

However, exploiting the flaws for these purposes is quite difficult, so practical implementation of the bugs remains rather debatable.

Get 55% off Incogni's Data Removal service with code TECHRADAR

Get 55% off Incogni's Data Removal service with code TECHRADAR

Wipe your personal data off the internet with the Incogni data removal service. Stop identity thieves
and protect your privacy from unwanted spam and scam calls.

View Deal

Difficult to pull off

Security researchers ERNW recently found three flaws in the Airoha system on a chip (SoC), apparently “widely used” in True Wireless Stereo (TWS) earbuds.

The SoC is allegedly present in 29 devices from different manufacturers, including a couple of high-profile names: Beyerdynamic, Bose, Sony, Marshall, Jabra, JBL, Jlab, EarisMax, MoerLabs, and Teufel. Speakers, earbuds, headphones, and wireless microphones all seem to be affected.

The bugs are now tracked under these CVEs:

CVE-2025-20700 (6.7/10) - missing authentication for GATT services
CVE-2025-20701 (6.7/10) - missing authentication for Bluetooth BR/EDR
CVE-2025-20702 (7.5/10) - critical capabilities of a custom protocol

The researchers said that a threat actor with a rather high technical skill set could, if they are within Bluetooth range, pull off an attack and hijack the connection between the phone and the Bluetooth device.

They could then issue different commands to the phone, including initiating or receiving calls, or retrieving the phone’s call history and contacts.

They could also “successfully eavesdrop on conversations or sounds within earshot of the phone," they said. Ultimately, they said it was possible to rewrite the device’s firmware and thus deploy different malware variants.

But the attacks are difficult to pull off, which could mean that only advanced adversaries, such as state-sponsored threat actors, might try to abuse the flaws. In any case, Airoha released an updated SDK with a set of mitigations, which the manufacturers now started turning into patches.

Via BleepingComputer

You might also like

Sead Fadilpašić

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

You must confirm your public display name before commenting

Please logout and then login again, you will then be prompted to enter your display name.