


Perceptive Security
SOC/SIEM Consultancy

Critical flaw lets hackers track, eavesdrop via Bluetooth audio devices
Published:
15 January 2026 at 16:13:54
Alert date:
15 January 2026 at 18:11:37
Source:
bleepingcomputer.com
Mobile & IoT, Zero-Day Vulnerabilities
A critical vulnerability in Google's Fast Pair protocol allows attackers to hijack Bluetooth audio accessories like wireless headphones and earbuds. The flaw enables attackers to track users and eavesdrop on their conversations through compromised Bluetooth devices. This vulnerability affects the pairing mechanism that connects Android devices with Bluetooth accessories, creating significant privacy and security risks for users of wireless audio devices.
Technical details
The vulnerability stems from improper implementation of Google's Fast Pair protocol in Bluetooth audio devices. The Fast Pair specification requires devices to ignore pairing requests when they are not in pairing mode, but many vendors fail to enforce this check. An attacker can exploit this by using any Bluetooth-capable device to forcibly pair with a vulnerable accessory within a range of 14 meters, without user interaction. Once paired, the attacker gains complete control over the audio device and can track the victim using Google's Find Hub network.
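The missing check described above, as an added example that is not code from the Fast Pair specification or from any vendor's firmware: a simplified accessory-side request handler in its vulnerable and hardened forms, plus a conformance check a firmware test suite could run. The struct, the function names and the placeholder request bytes are assumptions made for illustration.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, simplified accessory state (all names are assumptions). */
typedef struct {
    bool in_pairing_mode;  /* set only by the user action that starts pairing */
    unsigned bonds;        /* pairings the accessory has accepted */
} accessory_t;

typedef enum { REQ_IGNORED, REQ_ACCEPTED } req_result_t;
typedef req_result_t (*handler_fn)(accessory_t *, const uint8_t *, size_t);

/* Vulnerable pattern: the request is processed without checking whether
 * the user put the accessory into pairing mode. */
req_result_t handle_request_vulnerable(accessory_t *acc, const uint8_t *req, size_t len)
{
    if (req == NULL || len == 0) return REQ_IGNORED;
    acc->bonds++;
    return REQ_ACCEPTED;
}

/* Hardened pattern: check the mode first and drop the request silently,
 * before any parsing or state change. */
req_result_t handle_request_hardened(accessory_t *acc, const uint8_t *req, size_t len)
{
    if (!acc->in_pairing_mode) return REQ_IGNORED;
    if (req == NULL || len == 0) return REQ_IGNORED;
    acc->bonds++;
    return REQ_ACCEPTED;
}

/* Conformance check: number of requests accepted while NOT in pairing mode.
 * A compliant handler returns 0 and leaves the bond count untouched. */
int count_violations(handler_fn handler)
{
    static const uint8_t req[16] = {0};  /* constructed placeholder request */
    accessory_t acc = { .in_pairing_mode = false, .bonds = 0 };
    for (int i = 0; i < 3; i++)
        (void)handler(&acc, req, sizeof req);
    return (int)acc.bonds;
}

/* Legitimate pairing must still work once the user enables pairing mode. */
bool accepts_in_pairing_mode(handler_fn handler)
{
    static const uint8_t req[16] = {0};  /* constructed placeholder request */
    accessory_t acc = { .in_pairing_mode = true, .bonds = 0 };
    return handler(&acc, req, sizeof req) == REQ_ACCEPTED && acc.bonds == 1;
}
```

The check counts state changes rather than return codes, so a handler that reports "ignored" but still stores a bond fails it as well.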
Mitigation steps:
Install firmware updates from device manufacturers as they become available. Disabling Fast Pair on Android phones does not prevent the attack, because the feature cannot be disabled on the accessories themselves. Monitor for unwanted tracking notifications, which may indicate compromise.
Affected products:
Google Fast Pair enabled devices
Jabra Bluetooth audio devices
JBL Bluetooth audio devices
Logitech Bluetooth audio devices
Marshall Bluetooth audio devices
Nothing Bluetooth audio devices
OnePlus Bluetooth audio devices
Sony Bluetooth audio devices
Soundcore Bluetooth audio devices
Xiaomi Bluetooth audio devices
Related links:
https://www.cve.org/CVERecord?id=CVE-2025-36911
https://whisperpair.eu/
https://www.esat.kuleuven.be/cosic/
This article was created with the assistance of AI technology by Perceptive.
