India’s cybersecurity watchdog CERT-In has confirmed that Bluetooth chipset manufacturer Airoha released a critical firmware update on June 4, 2025, to address recently discovered vulnerabilities affecting a wide range of audio devices. According to CERT-In, Airoha has supplied the fixes to all relevant device manufacturers, who are now expected to roll out product-specific updates as part of their next scheduled firmware release cycles.
Airoha, a leading supplier of Bluetooth audio System-on-Chips (SoCs), is widely used by global audio brands including Sony, JBL, and Bose. These chips power a variety of Bluetooth-enabled audio products, especially True Wireless Stereo (TWS) earbuds, headphones, and speakers. The vulnerabilities, if unpatched, could pose security risks such as unauthorized access or data interception via Bluetooth connections.
German cybersecurity firm Enno Rey Netzwerke GmbH (ERNW) has identified 29 specific audio products from 10 well-known consumer electronics brands as being affected by the issue. The list includes products from Bose, Sony, JBL, Jabra, Marshall, Beyerdynamic, JLab, EarisMax, MoerLabs, and Teufel. The affected devices range from everyday consumer earbuds and headphones to microphones and high-end speaker systems.
Some of the confirmed vulnerable models include the Bose QuietComfort Earbuds, Jabra Elite 8 Active, JBL Endurance Race 2, and JBL Live Buds 3. Marshall’s popular headphone and speaker models such as the MAJOR V, MOTIF II, ACTON III, and WOBURN III are also on the list. Sony has the highest number of impacted models, including the WH-1000XM4, WH-1000XM5, WH-1000XM6, WF-1000XM3, Link Buds S, and several WF and WH-series earbuds and headphones. Other affected devices include the Beyerdynamic Amiron 300, JLab Epic Air Sport ANC, EarisMax Bluetooth Auracast Sender, MoerLabs EchoBeatz, and Teufel Tatws2.
CERT-In has urged users to remain vigilant and ensure their devices are updated as soon as firmware patches become available from manufacturers. While technical details of the vulnerabilities have not been publicly disclosed, users are advised to avoid pairing their devices with unknown or untrusted.
