
    Apple Addresses AirPods Bluetooth Flaw Enabling Eavesdropping

    Apple has rolled out a firmware update to rectify a vulnerability in AirPods that could potentially permit unauthorized access to the headphones by malicious actors.

    Identified as CVE-2024-27867, this authentication flaw impacts AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

    “When your headphones are attempting to connect to one of your previously paired devices, an attacker within Bluetooth range could spoof the intended source device and gain access to your headphones,” Apple noted in an advisory issued on Tuesday.

    Essentially, an adversary in close proximity could exploit this flaw to listen in on private conversations. Apple stated that the issue has been resolved through enhanced state management.

    Jonas Dreßler has been acknowledged for discovering and reporting the vulnerability. The fix is included in AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8.

    The fix comes two weeks after Apple released updates for visionOS (version 1.2) that addressed 21 issues, including seven vulnerabilities in the WebKit browser engine.

    One specific issue, a logic flaw tracked as CVE-2024-27812, could lead to a denial-of-service (DoS) when processing web content. Apple has mitigated this problem through improved file handling.

    Security researcher Ryan Pickren, who identified the vulnerability, described it as the “world’s first spatial computing hack,” capable of bypassing all warnings and inundating a user’s environment with numerous animated 3D objects without user interaction.

    The exploit leverages Apple’s inadequate permissions model in the ARKit Quick Look feature, allowing 3D objects to spawn in a victim’s space. Alarmingly, these animated objects persist even after Safari is closed, as they are managed by a separate application.

    “Moreover, this exploit doesn’t require the anchor tag to be ‘clicked’ by a user,” Pickren explained. “Programmatic JavaScript clicking (i.e., document.querySelector('a').click()) works seamlessly! This enables the launch of countless 3D, animated, sound-producing objects without any user involvement at all.”
