Redmi Buds Found Vulnerable to Bluetooth Attacks, Exposing Users to Data Leaks and Device Disruptions

The firmware of Xiaomi's well-known Redmi Buds wireless earbuds has significant security vulnerabilities, according to security researchers. Millions of users worldwide are concerned about these vulnerabilities, which affect several models, from the Redmi Buds 3 Pro to the most recent Redmi Buds 6 Pro.

Researchers suggest that Redmi Buds' handling of Bluetooth communication, particularly via the RFCOMM protocol (Bluetooth communication protocol that enables devices like wireless earphones and phones to exchange data over a virtual serial connection), is the problem. Without pairing, authentication, or any user action, this vulnerability enables attackers within Bluetooth range to take use of the earbuds. An attacker only needs to be close by to initiate an attack, which increases the risk in public areas.

Two Major Vulnerabilities Identified

The first attack, identified as CVE-2025-13834, allows attackers to quietly steal information from the earbuds. Because of weak checks in the firmware, the earbuds fail to properly examine certain Bluetooth commands. When a specially crafted command is sent, the device mistakenly reads data from its own memory and sends it back. This data can include private details such as phone numbers from active calls, all without the user noticing anything unusual. Since the attack works silently, it poses a serious privacy threat, especially in public places.

The second attack, known as CVE-2025-13328, focuses on disrupting how the earbuds work rather than stealing data. In this case, attackers repeatedly send a large number of Bluetooth commands to the device. The earbuds are unable to handle this heavy traffic, causing the system to overload and crash. As a result, the earbuds suddenly disconnect from the connected phone or laptop and stop responding. To make them work again, users must place the earbuds back into their charging case to reset them. If repeated, this attack can make the earbuds frustrating or impossible to use.

Easy to Exploit with Serious Impact

These vulnerabilities are especially dangerous since attackers do not require extensive skills or special access to exploit them. All that is required is the earbuds' Bluetooth MAC address, which can be easily obtained using commonly available Bluetooth scanning tools. Once received, an attacker can initiate the attack from up to 20 meters away, without pairing with the device or interfering with the user in any way.

The consequences for users can be substantial and disruptive. Private information from current calls may be disclosed without the user's knowledge. In other circumstances, the earphones may frequently disconnect and become unresponsive, making them difficult or impossible to use. If these attacks are automated, consumers may endure repeated interruptions, transforming a simple listening experience into an ongoing inconvenience.

Users Urged to Exercise Caution

As of now, Xiaomi has not released an official statement or firmware update to fix these issues. Until a patch is available, experts advise users to turn off Bluetooth when not using their earbuds, especially in crowded public areas. Users should also keep their devices updated and avoid using wireless earbuds in high-risk environments where unknown Bluetooth devices may be nearby. Staying cautious can help reduce the chances of unauthorized access or disruption.

This discovery highlights the growing importance of Bluetooth security, firmware updates, and device-level cybersecurity as wireless gadgets become part of daily life.

Information referenced in this article is from Cyber Securiy News