You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Institutional-grade exploitation framework for Airoha RACE vulnerabilities
CVE
CVSS
Description
CVE-2025-20700
9.6
Unauthenticated RACE protocol access over BLE
CVE-2025-20701
8.8
Arbitrary flash read/write
CVE-2025-20702
9.1
Link key extraction & device impersonation
Overview
RACE is a modular exploitation framework targeting the Airoha RACE protocol found in millions of Bluetooth headphones and speakers. The framework provides:
Discovery – Find vulnerable devices via BLE service enumeration
Fingerprinting – Extract SoC model, SDK version, and build timestamps
Flash Dumping – Read arbitrary flash pages to extract Link Keys
Impersonation – Clone device identity to intercept calls and messages
DISCLAIMER: This software is for authorized security testing only.