In the world of mobile technology, keeping user privacy safe is a never-ending battle. In 2022, Apple patched a serious issue—tracked as CVE-2022-32946—that could let a rogue app record audio through your AirPods without you knowing. Was it easy to exploit? What did Apple do to fix it, and how safe are you now? Let’s break it down, step-by-step, in simple language.

What Was CVE-2022-32946?

CVE-2022-32946 is a security vulnerability that affected iPhones and iPads running earlier versions of iOS and iPadOS, before they were patched in the iOS 16.1 and iPadOS 16 releases. Because of this bug, a malicious application could—without the proper entitlements—record audio from a pair of connected AirPods. That’s a serious privacy concern.

Apple’s Official Description

> “This issue was addressed with improved entitlements. An app may be able to record audio using a pair of connected AirPods.”
>
> — Apple Security Update

How Did the Exploit Work?

On iOS and iPadOS, apps need explicit permission (and “entitlements”) to access your microphone, camera, and Bluetooth devices. However, this bug meant that an app could bypass those protections under some circumstances, and activate recording using AirPods' microphone.

- Entitlements: Special permissions telling iOS what hardware and APIs an app may use.
- The Bug: Certain entitlements required to access Bluetooth audio input (like AirPods microphones) were not enforced correctly.
- The Result: Any app with Bluetooth access could potentially also start audio recording—without notifying the user.

Demonstrating the Issue: How a Malicious App Could Record AirPods Audio

Let’s be clear: this requires some iOS knowledge and a “malicious” app, often outside of the App Store.

Example Swift Code (Conceptual)

Below is a simplified Swift code snippet that uses the AVAudioRecorder to record audio. In an unpatched iOS version, an unauthorized app could leverage the bug to capture AirPods input if connected.

```swift
import AVFoundation

class AirpodsRecorder {
    var recorder: AVAudioRecorder?

    func startRecording() {
        let audioSession = AVAudioSession.sharedInstance()
        do {
            // *Bug*: System should block this if missing entitlements, but doesn't
            try audioSession.setCategory(.playAndRecord, mode: .default)
            try audioSession.setActive(true)

            // Record to temp file
            let tempURL = URL(fileURLWithPath: NSTemporaryDirectory() + "airpods.m4a")
            recorder = try AVAudioRecorder(url: tempURL, settings: [
                AVFormatIDKey: Int(kAudioFormatMPEG4AAC),
                AVSampleRateKey: 12000,
                AVNumberOfChannelsKey: 1
            ])
            recorder?.record()
        } catch {
            print("Recording error: \(error)")
        }
    }

    func stopRecording() {
        recorder?.stop()
    }
}
```

In iOS 16.1 and later, unless your app has the required entitlements, you’ll get an error or be blocked—fixing the privacy hole.

How Did Apple Fix It?

Apple’s engineering team improved “entitlement” checks. Now, only apps that specifically request and gain approval for Bluetooth/HFP recording (like voice memo or call apps) can ever access audio from your AirPods.

Patch Info: Rolled out in iOS 16.1 and iPadOS 16.

Am I Still at Risk?

If you’re running the latest version of iOS or iPadOS, you’re protected!

- Check: Settings > General > Software Update. If not, update ASAP to close this and other privacy holes.
- Monitor microphone and Bluetooth permissions.
- Watch for orange/green dots above the iPhone screen (microphone/camera use).
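For developers who want to monitor the same signals from inside their own app, here is an added example (not from the original article or from Apple) that reports microphone permission state and whether the app's active input route is a Bluetooth hands-free (HFP) device such as AirPods. The names `MicRouteAuditor` and `Snapshot` are hypothetical.

```swift
import AVFoundation

// Added example; MicRouteAuditor and Snapshot are hypothetical names.
struct Snapshot {
    let micPermissionGranted: Bool
    let bluetoothInputNames: [String]   // names of HFP inputs on the current route
}

final class MicRouteAuditor {
    private let session = AVAudioSession.sharedInstance()
    private var observer: NSObjectProtocol?

    /// State of this app's own audio session at the moment of the call.
    func snapshot() -> Snapshot {
        // recordPermission is deprecated from iOS 17 (AVAudioApplication
        // replaces it) but is the API available on the iOS 16 releases discussed here.
        let granted = session.recordPermission == .granted
        // Bluetooth HFP is the port type used for headset microphones.
        let btInputs = session.currentRoute.inputs
            .filter { $0.portType == .bluetoothHFP }
            .map { $0.portName }
        return Snapshot(micPermissionGranted: granted, bluetoothInputNames: btInputs)
    }

    /// Logs one line per check so route changes show up in the device log.
    func log(_ reason: String) {
        let s = snapshot()
        print("[mic-audit] \(reason): permission=\(s.micPermissionGranted) " +
              "bluetoothInputs=\(s.bluetoothInputNames)")
    }

    /// Logs the initial state, then again whenever the audio route changes
    /// (for example when AirPods connect or disconnect).
    func start() {
        log("initial")
        observer = NotificationCenter.default.addObserver(
            forName: AVAudioSession.routeChangeNotification,
            object: session, queue: .main) { [weak self] _ in
                self?.log("route changed")
        }
    }

    func stop() {
        if let observer = observer {
            NotificationCenter.default.removeObserver(observer)
        }
        observer = nil
    }
}
```

The snapshot reflects only the calling app's audio session; it does not show what other apps on the device are doing.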

More References

- Apple Security Updates: support.apple.com/HT213446
- MITRE CVE page: cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-32946
- Technical Deep Dive (Project Zero): Google Project Zero Blog *(search for iOS Bluetooth bugs)*

Bottom Line

CVE-2022-32946 was a real threat to AirPods users, but Apple fixed it fast. Keep devices up to date, limit app permissions, and you’ll be much safer from eavesdropping bugs like this!

Timeline

Published on: 11/01/2022 20:15:00 UTC
Last modified on: 11/02/2022 17:32:00 UTC