Airoha's Bluetooth chips, found in devices from numerous manufacturers like Bose and Sony, have critical security flaws that could allow attackers to eavesdrop and control devices. During a presentation at the TROOPERS conference, researchers showcased vulnerabilities enabling malicious parties to listen to audio streams, access call and contact data, and even rewrite device firmware. While such attacks require proximity to the target and technical expertise, the potential for serious data breaches exists, emphasizing the need for immediate action from manufacturers to secure their products.
The vulnerabilities allow malicious parties to eavesdrop via Bluetooth or steal sensitive data such as contact lists and call history.
Using the Hands-Free Profile, it is then possible to control phones, for example, to start or answer calls.
Collection
[
|
...
]