Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2023-27964 |
CWE-ID | CWE-287 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | AirPods firmware (Hardware solutions / Firmware), Beats firmware (Hardware solutions / Firmware) |
Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU106920
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2023-27964
CWE-ID: CWE-287 - Improper Authentication
Exploit availability: No
Description
The vulnerability allows an attacker to gain unauthorized access to the device.
The vulnerability exists due to an incorrect authentication mechanism when the headphones are seeking a connection request to one of the previously paired devices. An attacker in Bluetooth range can spoof the intended source device and gain access to the headphones.
Mitigation
Install updates from the vendor's website.
Vulnerable software versions
AirPods firmware: 4E71 - 5A377
Beats firmware: before 5B66
https://support.apple.com/en-us/HT213752
Q & A
Can this vulnerability be exploited remotely?
No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.