PT-2023-21457 · Apple · Airpods
Archie Pusaka
+1
·
Published
2023-05-04
·
Updated
2025-08-02
·
CVE-2023-27964
CVSS v3.1
5.4
Medium
| Vector | AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
AirPods Firmware versions prior to 5E133
Description
An authentication issue was addressed with improved state management. When the headphones are seeking a connection request to one of the previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to the headphones.
Recommendations
For AirPods Firmware versions prior to 5E133, update to AirPods Firmware Update 5E133 to resolve the issue. As a temporary workaround, consider restricting Bluetooth connections to trusted devices until the update is applied.
Fix
Authentication Bypass by Spoofing
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Airpods