New Bluetooth Headphone Vulnerabilities Allow Hackers to Hijack Connected Smartphones

### Executive summary Security researchers disclosed three critical vulnerabilities in Airoha-based Bluetooth audio devices that expose an unauthenticated RACE protocol over BLE/Classic/USB, allowing attackers within radio range to extract stored Bluetooth link keys, impersonate paired headphones, and gain access to smartphone features (voice assistant, calls, contacts, microphone). The flaws affect dozens of confirmed models from major vendors (Sony, JBL, Jabra, Bose, Marshall, Beyerdynamic) and potentially thousands of devices worldwide; Airoha released SDK patches in June 2025 but vendor firmware adoption is inconsistent, and researchers published a RACE Toolkit and full technical details after coordinated disclosure.