CyberSecurityBoardThreat Intel · CVEs · Products
Critical CVEs

CVE-2025-20701: Incorrect Authorization in Airoha Bluetooth Audio SDK

June 25, 2026

A high-severity vulnerability in the Airoha Bluetooth audio SDK allows unauthorized Bluetooth pairing without user consent, enabling nearby attackers to eavesdrop via the microphone. CVSS score 8.8.