Experts have reportedly managed to eavesdrop on Sonos speakers, revealing a significant security vulnerability. Although a fix has been released, the manufacturer never disclosed the existence of the eavesdropping flaw.
The mentioned vulnerability in its firmware allowed remote listening through Sonos speakers, which could have serious privacy and security implications. Especially since such devices are commonly used in offices and other sensitive environments. Dutch magazine Bright, among other outlets, reported on the issue discovered last year. While Sonos has released a patch to address the problem, the company did not inform users about the nature of the flaw, a surprising move considering that not everyone regularly updates their speaker firmware.
Update or Disconnect
If you have a Sonos speaker at home or work—specifically the Sonos One and Era 100 models—it’s crucial to ensure that the latest firmware is installed. The minimum required versions are S1 11.2 and S2 15.9.
This situation highlights the privacy risks associated with using smart speakers and other connected devices. Users should always keep the firmware of such devices up to date. Devices that no longer receive support should be taken offline, no matter how inconvenient. Ideally, manufacturers should include a physical switch to disconnect the microphone on their smart speakers. And basically, in environments where sensitive information is discussed, this kind of speakers should never be present in the first place.