Any device with Bluetooth can be vulnerable, but risk is highest for devices that are old, unpatched, or always-on. Main factors that increase vulnerability are no security updates, older Bluetooth stacks, discoverable mode left on, and weak/legacy pairing methods.