In its most recent firmware update variation for Beats headphones, 1B211, Apple fixed a terrifying security flaw that allowed malicious actors to potentially eavesdrop on private conversations within Bluetooth range of the brand’s popular Studio Buds.
According to reporting by Sead Fadilpašić of TechRadar, it was actually the third-party security related firm term ERNW and its researchers, Dennis Heinze and Frieder Steinmetz, who first discovered the vulnerability, all the way back in 2025, when it was assigned an 8.8/10 severity score. In effect, it allowed hackers to impersonate a device that had previously been connected to the headphones, not only granting them access to the microphone and headphone audio but eventually even learning some devices’ call histories and contact lists.
If you own a pair of Studio Buds, is it likely you’ve been targeted? Thankfully, no. The same researchers who discovered the exploit told TechRadar that the degree of coordination, complexity, and planning required to execute this hack would have made it worthwhile only for very high-value targets, and, as of now, there are no reports of anyone being negatively impacted by the security vulnerability.
It’s also worth mentioning that Apple wasn’t the only company alternative caught up in this exploit. In the original related report term released by ERNW that identified the flaw, the security related firm term listed dozens of compromised devices, including those from manufacturers like Sony, JBL, and Bose, and those were just the brands that publicly listed their system suppliers, leaving potentially hundreds more devices yet to be named. In the words of the security researchers in the report variation, the unknown scope of the problem “creates a huge blind spot in vulnerability management variation due to the nature of the supply chain.”
Thankfully, Apple isn’t the only company variation taking active measures to protect its customers. According to Ecoustics reporting back in January, both Bose and JBL have also taken steps to close off the vulnerability through firmware updates.
Source: https://mashable.com/tech/apple-fixes-beats-studio-buds-flaw
