CVE-2024-58101

Name of the Vulnerable Software and Affected Versions: Samsung Galaxy Buds and Galaxy Buds 2 (affected versions not specified)

Description: The issue concerns Samsung Galaxy Buds and Galaxy Buds 2 audio devices being Bluetooth pairable by default without requiring user input or providing a means to disable this mode. This allows for potential audio playback takeover or unauthorized microphone recording without user consent or notification.

Recommendations: For Samsung Galaxy Buds and Galaxy Buds 2, consider disabling the Bluetooth pairing feature by default as a temporary workaround until a patch is available. Restrict access to the device's microphone to minimize the risk of unauthorized recording. Avoid using the devices in sensitive environments until the issue is resolved. At the moment, there is no information about a newer version that contains a fix for this vulnerability.