Risk | Low |
Patch available | YES |
Number of vulnerabilities | 1 |
CVE-ID | CVE-2024-27867 |
CWE-ID | CWE-285 |
Exploitation vector | Local |
Public exploit | N/A |
Vulnerable software | AirPods firmware (Hardware solutions / Firmware); Beats firmware (Hardware solutions / Firmware) |
Vendor | Apple Inc. |
Security Bulletin
This security bulletin contains one low risk vulnerability.
EUVDB-ID: #VU93406
Risk: Low
CVSSv4.0: 0.4 [CVSS:4.0/AV:P/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:U/U:Clear]
CVE-ID: CVE-2024-27867
CWE-ID: CWE-285 - Improper Authorization
Exploit availability: No
Description
The vulnerability allows an attacker to perform a spoofing attack.
The vulnerability exists due to the way the headphones are seeking a connection request to one of your previously paired devices. An attacker with physical proximity to the device can spoof the intended source device and gain access to your headphones.
Mitigation
Install updates from vendor's website.
Vulnerable software versions
AirPods firmware: 4E71 - 6A325
Beats firmware: before 6F8
CPE2.3
https://support.apple.com/en-us/HT214111
Q & A
Can this vulnerability be exploited remotely?
No. The attacker must have physical access to the system in order to successfully exploit this vulnerability.
Is there known malware that exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.