Apple on Wednesday posted a new support document explaining the security content of AirPods and Beats firmware updates, including information about the 5B66 firmware released Tuesday for Beats Fit Pro and Powerbeats Pro. The firmware update addresses a vulnerability that could allow an attacker to gain access to your headphones.
Available for: Powerbeats Pro, Beats Fit Pro
Impact: When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.
Description: An authentication issue was addressed with improved state management.
CVE-2023-27964: Yun-hao Chung and Archie Pusaka of Google ChromeOS
The issue also affected all AirPods, AirPods Pro, and AirPods Max models, except for first-generation AirPods, but Apple fixed the issue for those models with the 5E133 firmware update released last month.
Apple on Tuesday released another firmware update (5E135) for these AirPod models yesterday, but it’s unclear what changes were included beyond unspecified bug fixes and other improvements.
There is no way to manually force an update for the Beats firmware, it is usually installed over-the-air when the earbuds are connected to an iOS device. If you put your Beats Studio Buds in the case and connect them to a power source and pair them to an iPhone or iPad will likely cause an update to occur after a short while.
Android users can update their Beats firmware using the Beats app for that platform.
