PT-2024-22092 · Apple · Beats +1

Jonas Dreßler · Published 2024-06-26 · Updated 2025-08-04 · CVE-2024-27867

CVSS v3.1: 4.3

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

**Name of the Vulnerable Software and Affected Versions:**

AirPods versions prior to 6A326

AirPods Pro (all models) versions prior to 6A326

AirPods Max versions prior to 6A326

Powerbeats Pro versions prior to 6A326

Beats Fit Pro versions prior to 6A326

Beats versions prior to 6F8

**Description:**

An authentication issue existed due to improper state management. This allowed an attacker within Bluetooth range to spoof a previously paired device and gain unauthorized access to the headphones, potentially enabling eavesdropping. The vulnerability, tracked as CVE-2024-27867, affects AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max, Powerbeats Pro, and Beats Fit Pro.

**Recommendations:**

AirPods versions prior to 6A326: Update to firmware version 6A326.

AirPods Pro (all models) versions prior to 6A326: Update to firmware version 6A326.

AirPods Max versions prior to 6A326: Update to firmware version 6A326.

Powerbeats Pro versions prior to 6A326: Update to firmware version 6A326.

Beats Fit Pro versions prior to 6A326: Update to firmware version 6A326.

Beats versions prior to 6F8: Update to firmware version 6F8.

Fix

**Weakness Enumeration:**

Improper Authentication

**Related Identifiers:**

CVE-2024-27867

**Affected Products:**

AirPods

Beats