TARA's First CVE: A 9-Year-Old Vulnerability Hiding in Every PC Speaker
How a BCI threat framework found an unfiled vulnerability in RealTek audio codecs that turns your headphones into microphones
The short version
We found an unfiled CVE. Not in a brain-computer interface. In your headphones.
The TARA framework (Threat Analysis and Risk Assessment for BCIs) was designed to map attack surfaces across the full stack, from silicon through the electrode-tissue interface into biology. While extending the registry to cover consumer devices that sit upstream of neural interfaces, we identified a vulnerability in RealTek HD Audio codec drivers that has been publicly demonstrated since 2016, affects the majority of consumer PCs worldwide, and has never received a CVE number.
The vulnerability: any software process can silently reprogram your speaker or headphone jack to function as a microphone. No elevated privileges required. No user notification. No OS permission prompt. The codec just does it.
We have disclosed this to TWCERT/CC (Taiwan’s CERT and the CNA for RealTek), notified RealTek directly, and submitted a CVE request to MITRE.
What the vulnerability actually is
RealTek HD Audio codecs implement the Intel High Definition Audio specification, which includes a feature called “jack retasking.” This allows software to reassign an audio output pin (your headphone jack, your speaker output) to function as an audio input (a microphone).
The feature exists for legitimate reasons. RealTek’s own Audio Console uses it to let users manually reconfigure their jacks. The problem is that the codec verb commands that perform this retasking are accessible to any software process running on the machine, with no authorization check, no user consent prompt, and no notification that the jack configuration has changed.
In 2016, researchers at Ben-Gurion University demonstrated this in a paper called SPEAKE(a)R. They showed that headphones connected to an output-only jack could record intelligible audio after the codec was reprogrammed. The paper was presented at USENIX WOOT 2017. TechCrunch, Engadget, and dozens of outlets covered it.
Then nothing happened. No CVE was filed. No patch was issued. Nine years later, the vulnerability is still present in shipping hardware.
How TARA found it
TARA’s threat registry started with 71 techniques across 11 tactics and 7 domains, focused on brain-computer interfaces. The techniques cover everything from electrode spoofing to cognitive state inference to neural data exfiltration.
When we ran a gap analysis on the registry, a pattern emerged: TARA had no coverage for consumer devices that aren’t BCIs but contain sensors capable of physiological or biometric data extraction. These devices sit upstream of BCIs in the kill chain. If an attacker can profile someone’s cognitive patterns through their earbuds before they ever get a neural implant, the threat model for the implant changes entirely.
So we started mapping the consumer sensor attack surface. Earbuds, smartphones, smartwatches, anything with a microphone, accelerometer, or infrared sensor that maintains prolonged body contact.
The first technique in the new “Sensor Exploitation” domain was transducer inversion, the physical principle that any electromagnetic speaker cone is bidirectional and can capture sound waves just as a microphone does. The RealTek codec vulnerability is the software enabler: the reason this physical property becomes exploitable on real consumer hardware is that the driver provides the retasking interface with no access control.
We classified it as CWE-862 (Missing Authorization), scored it CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N (8.6 High), and searched every CVE database we could find. Nothing.
Why this matters for TARA
TARA was designed to think about security across the full neurotechnology stack. The framework’s value proposition is that it maps attack surfaces that traditional vulnerability programs miss, because traditional programs look at software bugs in isolation while TARA looks at physics, biology, and software together.
This CVE is the first concrete proof that the approach works. A framework designed for brain-computer interface security found an unfiled vulnerability in consumer audio hardware, not because we were looking for audio bugs, but because we were tracing the attack chain from consumer devices to neural interfaces and found an unpatched gap in the first link.
The RealTek vulnerability is the easiest one to file because it maps cleanly onto existing CVE infrastructure. It is a software bug: missing authorization on a sensitive operation. CWE-862 has clear precedent.
But the gap analysis also identified attack classes that CVE structurally cannot express: sensor repurposing (using an ANC earbud's microphone to create an ear canal biometric fingerprint), physiological inference (extracting heart rate from ultrasonic Doppler via a phone speaker), and cognitive profiling (building a mental model of someone's attention patterns from longitudinal EEG captured through modified earbuds). These sit in the space between physics and policy, where the sensor capability is intentional but the surveillance application is not.
That is what TARA is for. The CVE system handles software bugs. TARA handles the attack classes that emerge when you look at the full stack.
What we disclosed
On February 11, 2026, we submitted a formal vulnerability disclosure to:
- TWCERT/CC (Taiwan Computer Emergency Response Team / Coordination Center), the CNA responsible for Taiwan-based vendors including RealTek
- RealTek Semiconductor Corp., notified directly with a request to coordinate on remediation and identify all affected codec models
- MITRE, requesting CVE assignment for the vulnerability
Classification: CWE-862 (Missing Authorization)
Suggested remediation:
- Require elevated privileges or explicit user consent for jack retasking operations
- Implement OS-level notification when jack configuration changes
- Add firmware-level access control on retasking registers
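Until a notification of that kind exists, a defender can audit pin state directly. The following is an added example, not code from TARA, RealTek, or the SPEAKE(a)R paper: it assumes a Linux host where ALSA exposes codec state as a text dump under /proc/asound/card*/codec#*, and it flags any pin whose default role is an output but whose input path is currently enabled. The sample dump is constructed, the function name is hypothetical, and the bit positions are taken from the HD Audio pin configuration default and pin widget control definitions.

```python
import re

# Constructed sample in the layout of ALSA's /proc/asound/card*/codec#* dump.
SAMPLE_DUMP = """\
Node 0x02 [Audio Output] wcaps 0x41d: Stereo Amp-Out
Node 0x14 [Pin Complex] wcaps 0x40058d: Stereo Amp-Out
  Pin Default 0x90170110: [Fixed] Speaker at Int N/A
  Pin-ctls: 0x40: OUT
Node 0x19 [Pin Complex] wcaps 0x40048b: Stereo Amp-In
  Pin Default 0x04a11030: [Jack] Mic at Ext Right
  Pin-ctls: 0x24: IN VREF_80
Node 0x21 [Pin Complex] wcaps 0x40058d: Stereo Amp-Out
  Pin Default 0x0421101f: [Jack] HP Out at Ext Right
  Pin-ctls: 0x20: IN
"""

# Assumption: field layout per the HD Audio spec (Default Device, In Enable).
OUTPUT_DEVICES = {0x0: "Line Out", 0x1: "Speaker", 0x2: "HP Out"}
PINCTL_IN_EN = 0x20  # Pin Widget Control bit 5: input path enabled

NODE_RE = re.compile(r"^Node (0x[0-9a-f]+) \[Pin Complex\]")
DEFAULT_RE = re.compile(r"^\s+Pin Default (0x[0-9a-f]{8}):")
CTL_RE = re.compile(r"^\s+Pin-ctls: (0x[0-9a-f]+):")

def find_retasked_outputs(dump):
    """Return pins whose default role is an output but whose input is enabled."""
    findings, node, default = [], None, None
    for line in dump.splitlines():
        if line.startswith("Node "):
            m = NODE_RE.match(line)
            # Non-pin widgets reset the state so their lines are ignored.
            node, default = (m.group(1) if m else None), None
            continue
        if node is None:
            continue
        m = DEFAULT_RE.match(line)
        if m:
            default = int(m.group(1), 16)
            continue
        m = CTL_RE.match(line)
        if m and default is not None:
            ctl = int(m.group(1), 16)
            device = (default >> 20) & 0xF  # Default Device field, bits 23:20
            if device in OUTPUT_DEVICES and ctl & PINCTL_IN_EN:
                findings.append({"node": node, "role": OUTPUT_DEVICES[device], "pin_ctl": ctl})
    return findings

if __name__ == "__main__":
    for f in find_retasked_outputs(SAMPLE_DUMP):
        print(f"node {f['node']}: {f['role']} pin has input enabled (Pin-ctls=0x{f['pin_ctl']:02x})")
```

A hit is a prompt for review rather than proof of compromise, since a user can retask a jack deliberately through the vendor's audio console.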
What comes next
This is the first. There are more.
The TARA gap analysis identified 28 new techniques across 6 categories in the consumer sensor exploitation domain. Some are CVE-eligible (software permission model failures). Some are research-stage (requiring proof-of-concept demonstrations). Some occupy a space that no current vulnerability taxonomy addresses.
We are building the registry entry by entry, technique by technique, disclosure by disclosure. The goal is not to collect CVE numbers. The goal is to map the attack surface between consumer devices and neural interfaces before the ecosystem forms around it, so the security can be designed in rather than bolted on.
The full TARA registry and the QIF framework are open at qinnovate.com.
References
- Guri, M., Solewicz, Y., Daidakulov, A., & Elovici, Y. (2017). SPEAKE(a)R: Turn Speakers to Microphones for Fun and Profit. USENIX Workshop on Offensive Technologies (WOOT).
- arXiv preprint: 1611.07350
- Intel High Definition Audio Specification, Rev 1.0a (2010). Jack retasking registers.
- MITRE CWE-862: Missing Authorization.
- TWCERT/CC Vulnerability Disclosure Policy, V2.2 (2025).
Written with AI assistance (Claude). All claims verified by the author.