Apple has released a firmware update for AirPods to fix a vulnerability that could allow a malicious actor to gain access to the headphones in an unauthorized manner.
Tracked as CVE-2024-27867, the authentication issue affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.
“When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones,” Apple said in a Tuesday advisory.
In other words, an adversary in physical proximity could exploit the vulnerability to eavesdrop on private conversations. Apple said the issue has been addressed with improved state management.
Jonas Dreßler has been credited with discovering and reporting the flaw. It has been patched as part of AirPods Firmware Update 6A326, AirPods Firmware Update 6F8, and Beats Firmware Update 6F8.
The development comes two weeks after the iPhone maker rolled out updates for visionOS (version 1.2) to close out 21 shortcomings, including seven flaws in the WebKit browser engine.
One of the issues pertains to a logic flaw (CVE-2024-27812) that could result in a denial-of-service (DoS) when processing web content. The problem has been fixed with improved file handling, it said.
Security researcher Ryan Pickren, who reported the vulnerability, described it as the “world’s first spatial computing hack” that could be weaponized to “bypass all warnings and forcefully fill your room with an arbitrary number of animated 3D objects” sans user interaction.
The vulnerability takes advantage of Apple’s failure to apply the permissions model when using the ARKit Quick Look feature to spawn 3D objects in a victim’s room. Making matters worse, these animated objects continue to persist even after exiting Safari, as they are handled by a separate application.
“Moreover, it doesn’t even require this anchor tag to have been ‘clicked’ by the human,” Pickren said. “So programmatic JavaScript clicking (i.e., document.querySelector('a').click()) works no problem! This means that we can launch an arbitrary number of 3D, animated, sound-creating, objects without any user interaction whatsoever.”