India, July 4 -- India's cybersecurity agency, the Indian Computer Emergency Response Team (CERT-In), has issued a high-severity warning for users of Bluetooth audio devices.

The agency said that multiple vulnerabilities have been reported in Airoha Bluetooth firmware, which could allow attackers to gain unauthorised access to Bluetooth audio devices such as the Sony WH-1000XM5, JBL Live Buds 3, Bose QuietComfort Earbuds, and Marshall Motif II.

"The vulnerabilities exist in Airoha Systems-on-Chip (SoCs) due to missing authentication in the GATT service and the Bluetooth Basic Rate/Enhanced Data Rate (BR/EDR) component, as well as a flaw in a custom protocol," CERT-In said in the warning issued on July 2.

"An attacker could exploit thes...