Connect with us

Hi, what are you looking for?



Apple Releases First-Ever Security Updates for Beats, AirPods Headphones

Apple has released firmware updates for Beats and AirPods to patch a vulnerability that can be exploited to gain access to headphones via a Bluetooth attack.

AirPod Beats security updates

Apple has released the first-ever security updates for its Beats and AirPods products to patch a vulnerability that can be exploited to gain access to headphones through a Bluetooth attack.

The flaw is tracked as CVE-2023-27964 and it was reported to Apple by Yun-hao Chung and Archie Pusaka of Google ChromeOS. The vulnerability has been described as an authentication issue.

“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones,” Apple explained in its advisory.

The firmware update for AirPods (5E133), including the Pro and Max models, was made available on April 11, while the Beats firmware update (5B66), including for Powerbeats Pro and Beats Fit Pro, was released on May 2. 

Firmware updates are delivered automatically to AirPods and Beats headphones while they are charging and in Bluetooth range of the user’s iPhone, iPad, or Mac. Users can check on these devices if their headset is running the latest firmware version.

The availability of the Beats firmware update was announced just as Apple and Google proposed a standard aimed at preventing devices that rely on Bluetooth for location tracking from being misused to track people. 

Devices such as Apple’s AirTag are useful for finding lost or stolen property, but the product can also be abused by stalkers. The tech giants want manufacturers to implement mechanisms that would make it possible to easily detect unwanted tracking

Advertisement. Scroll to continue reading.

Related: Apple Patches Actively Exploited WebKit Zero-Day Vulnerability 

Related: Apple Patches Exploited iOS Vulnerability in Old iPhones

Related: iOS Security Update Patches Exploited Vulnerability in Older iPhones

Related: Apple Ships Urgent iOS Patch for Newly Exploited Zero-Days

Written By

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

SecurityWeek’s Threat Detection and Incident Response Summit brings together security practitioners from around the world to share war stories on breaches, APT attacks and threat intelligence.


Securityweek’s CISO Forum will address issues and challenges that are top of mind for today’s security leaders and what the future looks like as chief defenders of the enterprise.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


Apple has released updates for macOS, iOS and Safari and they all include a WebKit patch for a zero-day vulnerability tracked as CVE-2023-23529.

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...

IoT Security

A vulnerability affecting Dahua cameras and video recorders can be exploited by threat actors to modify a device’s system time.