The problem deals with a misconfiguration in the product's Bluetooth pairing protocol. Google discovered it's possible for a nearby hacker to step in and hijack the Bluetooth pairing process during sign-in, although the attack is not easy to pull off.
Source Link
