Apple has patched a significant security flaw in Beats Studio Buds that could have allowed nearby attackers to eavesdrop on private conversations. The vulnerability, tracked as CVE-2025-20701, exploited a window of time while the device was in pairing mode. An attacker within Bluetooth range could essentially hijack the microphone of an unpaired unit while it was actively searching for a connection request.
The fix is delivered through firmware version 1B211, which installs automatically without user intervention. To receive the update, your Beats Studio Buds simply need to be charging and within Bluetooth range of your iPhone, iPad, or Mac. While Bluetooth exploits typically require close physical proximity, this specific bug was particularly invasive as it granted direct access to audio streaming before a secure handshake was even established.
