← Back to CVEs
CVE-2023-27964
MEDIUM5.4
Description
An authentication issue was addressed with improved state management. This issue is fixed in AirPods Firmware Update 5E133. When your headphones are seeking a connection request to one of your previously paired devices, an attacker in Bluetooth range might be able to spoof the intended source device and gain access to your headphones.
CVE Details
CVSS v3.1 Score5.4
SeverityMEDIUM
CVSS VectorCVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Attack VectorADJACENT_NETWORK
ComplexityLOW
Privileges RequiredNONE
User InteractionNONE
Published6/23/2023
Last Modified11/21/2024
Sourcenvd
Honeypot Sightings0
Affected Products
apple:airpods_firmware
Weaknesses (CWE)
CWE-290
References
https://support.apple.com/en-us/HT213752(product-security@apple.com)
https://support.apple.com/en-us/HT213752(af854a3a-2127-422b-91ae-364da2661108)
IOC Correlations
No correlations recorded
This product uses data from the NVD API but is not endorsed or certified by the NVD.