Apple AirPlay Flaws Expose Billions of Devices to Zero-Click Attacks: What You Need to Know and How to Stay Safe

If you own an iPhone, iPad, Mac, Apple TV, or any device that uses AirPlay or CarPlay, it's crucial to update your software immediately. A newly discovered set of vulnerabilities, collectively known as "AirBorne," puts billions of Apple and third-party devices at risk of being hijacked without any user interaction. These flaws could allow hackers to take control of your devices, spy on you, or spread malware across your network—all through Wi-Fi.

What Is the AirBorne Vulnerability?

Discovered by cybersecurity firm Oligo Security, AirBorne is a collection of 23 security flaws in Apple's AirPlay protocol and the AirPlay Software Development Kit (SDK). These vulnerabilities affect both Apple devices and third-party products that integrate AirPlay, such as smart TVs, speakers, and CarPlay-enabled vehicles.

Two of the most critical vulnerabilities, identified as CVE-2025-24252 and CVE-2025-24132, allow for "wormable" zero-click remote code execution (RCE). This means an attacker on the same Wi-Fi network can take over a device without any action from the user and then spread the attack to other devices on the network. Such attacks can lead to espionage, ransomware deployment, and other sophisticated threats.

How Can These Vulnerabilities Be Exploited?

Attackers can exploit these vulnerabilities in various ways:

  • Zero-click and one-click RCE: Taking control of devices without user interaction.

  • Access control bypass: Gaining unauthorized access to devices.

  • Sensitive information disclosure: Accessing private data on your devices.

  • Man-in-the-middle (MitM) attacks: Intercepting and altering communications.

  • Denial-of-service (DoS): Disrupting device functionality.

Devices with microphones, like smart speakers, could be used to eavesdrop on conversations. In vehicles, attackers could hijack CarPlay systems to distract drivers or track their location.

Who Is Affected?

The vulnerabilities impact a wide range of devices:

  • Apple Devices: iPhones, iPads, Macs, Apple TVs, and Vision Pro headsets.

  • Third-Party Devices: Smart TVs, wireless speakers, and CarPlay-enabled infotainment systems that use the AirPlay SDK.

While Apple has released patches for its own devices, many third-party products remain unpatched because updates for them are the responsibility of their manufacturers.

How to Protect Yourself

To safeguard your devices:

  1. Update Your Devices: Ensure your Apple devices are running the latest software versions:

    • iOS/iPadOS: 18.4.1

    • macOS: Sequoia 15.4, Sonoma 14.7.5, or Ventura 13.7.5

    • tvOS: 18.4.1

    • visionOS: 2.4.1

    Go to Settings > General > Software Update to check and install updates.

  2. Update Third-Party Devices: Check for firmware updates on smart TVs, speakers, and car infotainment systems. Contact the manufacturer if you're unsure how to update.

  3. Disable AirPlay When Not in Use: Turn off AirPlay on devices when it's not needed to reduce exposure.

  4. Use Strong Wi-Fi Passwords: Avoid default or easily guessable passwords for your Wi-Fi networks, especially in vehicles.

  5. Limit AirPlay Access: Configure AirPlay settings to allow connections only from devices on the same network or from specific users.
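
If you look after more than a handful of devices, the version check from step 1 can be run over an inventory list. The Python below is an added example, not part of the original article: it treats the versions listed above as minimum patched versions, assumes that a macOS release newer than the listed ones already includes the fix, and uses constructed device names and versions.

```python
# Minimum patched versions as listed in this article; macOS is tracked per major release.
PATCHED = {
    "ios": {18: (18, 4, 1)},
    "ipados": {18: (18, 4, 1)},
    "tvos": {18: (18, 4, 1)},
    "visionos": {2: (2, 4, 1)},
    "macos": {15: (15, 4, 0), 14: (14, 7, 5), 13: (13, 7, 5)},
}

def parse_version(text):
    """Turn '15.4' into (15, 4, 0) so versions compare numerically, not as strings."""
    parts = [int(p) for p in text.strip().split(".")]
    return tuple(parts + [0] * (3 - len(parts)))

def airborne_status(os_name, version):
    branches = PATCHED.get(os_name.lower())
    if branches is None:
        # Not an Apple OS from the list, e.g. a third-party AirPlay SDK device:
        # the article gives no version for these, so check with the manufacturer.
        return "unknown-os"
    ver = parse_version(version)
    major = ver[0]
    if major in branches:
        return "patched" if ver >= branches[major] else "needs-update"
    if major > max(branches):
        return "patched"  # assumption: later major releases carry the fix
    return "needs-update"  # older release with no fixed version listed here

# Constructed sample inventory: (device name, OS, installed version).
INVENTORY = [
    ("lobby-appletv", "tvOS", "18.4"),
    ("cfo-macbook", "macOS", "14.7.5"),
    ("design-imac", "macOS", "15.3.2"),
    ("old-mini", "macOS", "12.7.6"),
    ("reception-ipad", "iPadOS", "18.4.1"),
    ("conference-speaker", "vendor-firmware", "3.1"),
]

def triage(inventory):
    return {name: airborne_status(os_name, ver) for name, os_name, ver in inventory}

if __name__ == "__main__":
    for name, status in triage(INVENTORY).items():
        print(f"{name:20} {status}")
```

Devices reported as "unknown-os" are the ones covered by step 2, where only the manufacturer can say whether a fixed firmware exists.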

Final Thoughts

The AirBorne vulnerabilities highlight the importance of regular software updates and cautious network practices. By keeping your devices updated and following the recommended precautions, you can significantly reduce the risk of falling victim to these exploits. If you need help, feel free to contact us for guidance.
