PT-2025-27362 · Airoha · Airoha Bluetooth Chips

Dennis Heinze +2 · Published 2025-06-29 · Updated 2025-08-04 · CVE-2025-20700

CVSS v3.1: 8.8

Vector: AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

**Name of the Vulnerable Software and Affected Versions:**

Airoha Bluetooth audio SDK (affected versions not specified)

Airoha Bluetooth chips (affected versions not specified)

**Description:**

The Airoha Bluetooth audio SDK and chips contain a permission bypass that allows access to critical data of the RACE protocol through the Bluetooth LE GATT service. This can lead to remote escalation of privilege without requiring additional execution privileges or user interaction. Multiple reports indicate that devices from brands such as Bose, Sony, and JBL are affected. The vulnerability allows attackers within Bluetooth range to hijack connections, make calls, and eavesdrop through the device’s microphone. It has been reported as actively exploited.

**Recommendations:**

At the moment, there is no information about a newer version that contains a fix for this vulnerability.

RCE · LPE · Missing Authentication

Weakness Enumeration

**Related Identifiers:** CVE-2025-20700

**Affected Products:** Airoha Bluetooth Chips