Apple has patched a Bluetooth flaw in Beats Studio Buds that could potentially turn your earbuds into a nearby wiretap.

When you buy a pair of Bluetooth earbuds, you expect them to play your music and your calls—not someone else’s. But a vulnerability in Apple’s Beats Studio Buds shows how that trust can be abused, turning everyday audio gear into a potential eavesdropping tool for anyone close enough and skilled enough to exploit it.

The vulnerability is tracked as CVE-2025-20701. Researchers disclosed flaws in Airoha system-on-a-chip (SoCs) devices at a security conference in Germany in 2025. Because Airoha chips are used in a wide range of audio products, the issue affected multiple devices, including Beats Studio Buds.

The researchers also showed how the vulnerability could be combined with flaws they found in the same Airoha component. By chaining these flaws, attackers could:

Eavesdrop via headphone microphones.