Lucene search

K
appleAppleAPPLE:11C2CEBE23D26FECA9259B74D4C5C5FA
HistoryMay 02, 2023 - 12:00 a.m.

About the security content of AirPods and Beats firmware updates

2023-05-0200:00:00
support.apple.com
156
apple
security updates
bluetooth
authentication issue
state management
cve-id
firmware
airpods
beats
vulnerabilities
spoofing

CVSS3

5.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

5.5

Confidence

High

EPSS

0

Percentile

12.7%

About the security content of AirPods and Beats firmware updates

This document describes the security content of AirPods and Beats firmware updates.

About Apple security updates

For our customers’ protection, Apple doesn’t disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available. Recent releases are listed on the Apple security updates page.

Apple security documents reference vulnerabilities by CVE-ID when possible.

For more information about security, see the Apple Product Security page.

Beats Firmware Update 5B66

Released May 2, 2023

Bluetooth

Available for: Powerbeats Pro, Beats Fit Pro

Impact: When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.

Description: An authentication issue was addressed with improved state management.

CVE-2023-27964: Yun-hao Chung and Archie Pusaka of Google ChromeOS

If you paired your Beats wireless headphones with your iPhone, iPad, or Mac, your Beats will update automatically. Learn more about firmware updates for Beats.

You can check the firmware version of your wireless headphones in Bluetooth settings on your device.

  1. On your iPhone or iPad, go to Settings > Bluetooth. On your Mac, go to System Settings > Bluetooth.

  2. Tap on the info buttonNo alt supplied for Image next to your headphones.

AirPods Firmware Update 5E133

Released April 11, 2023

Bluetooth

Available for: AirPods (2nd generation and later), AirPods Pro (all models), AirPods Max

Impact: When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.

Description: An authentication issue was addressed with improved state management.

CVE-2023-27964: Yun-hao Chung and Archie Pusaka of Google ChromeOS

Firmware updates are automatically delivered while your AirPods are charging and in Bluetooth range of your iPhone, iPad, or Mac. Learn more about firmware updates for AirPods.

Information about products not manufactured by Apple, or independent websites not controlled or tested by Apple, is provided without recommendation or endorsement. Apple assumes no responsibility with regard to the selection, performance, or use of third-party websites or products. Apple makes no representations regarding third-party website accuracy or reliability. Contact the vendor for additional information.

Published Date: November 30, 2023

Affected configurations

Vulners
Node
applesoftware_updateRange<5
VendorProductVersionCPE
applesoftware_update*cpe:2.3:a:apple:software_update:*:*:*:*:*:*:*:*

CVSS3

5.4

Attack Vector

ADJACENT

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N

AI Score

5.5

Confidence

High

EPSS

0

Percentile

12.7%

Related for APPLE:11C2CEBE23D26FECA9259B74D4C5C5FA