12 hours Ago
Security researchers found dozens of flaws in Apple's AirPlay protocol Some of them allowed remote code execution attacks Apple has released patches addressing the flaws Apple ’s AirPlay Protocol and AirPlay Software Development Kit (SDK) carried numerous vulnerabilities that could be abused to run remote code execution (RCE) attacks, man-in-the-middle (MitM) attacks, or denial of service (DoS) attacks. To make matters worse, some of these vulnerabilities could be used in zero-click attacks, meaning to pull it off - no interaction from the victim is required. Cybersecurity researchers Oligo Security found 23 flaws and collectively dubbed them AirBorne.
Two of the flaws could be used in RCE attacks, which are now tracked as CVE-2025-24252, and CVE-2025-24132. There is also CVE-2025-24206, a user interaction bypass vulnerability that allows crooks to bypass “Accept” click requirements on AirPlay requests. "This means that an attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects to.
This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more," Oligo warned. Apple just finally patched a whole host of OS security issues on older devices, so update now Apple fixes dangerous zero-day used in attacks against iPhones and iPads Update your Apple device now: iOS 18.3.
2 fixes a flaw that could be exploited by hackers 'Vast and concerning' "Because AirPlay is a fundamental piece of software for Apple devices (Mac, iPhone, iPad, AppleTV, etc.) as well as third-party devices that leverage the AirPlay SDK, this class of vulnerabilities could have far-reaching impacts." The potential reach of AirBorne exploitation is “vast and concerning”, CyberInsider argues.
The publication claims Apple’s wireless streaming protocol is “critical” to the company’s ecosystem and is operating on 2.35 billion active devices all over the world. It argues that, in theory, a threat actor could compromise a MacBook at a coffee shop, and later use it as a steppingstone into an enterprise network, once the compromised device connects to the company’s Wi-Fi.
Apple has since fixed the flaws with iOS and iPadOS 18.4, macOS Ventura 13.7.
5, macOS Sonoma 14.7.5, macOS Sequoia 15.
4, and visionOS 2.4. The AirPlay audio SDK, the AirPlay video SDK, and the CarPlay Communication Plug-in have all been updated, as well.
Are you a pro? Subscribe to our newsletter Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed! Via BleepingComputer Apple fixes dangerous iOS zero days after threats against targeted individuals Take a look at our guide to the best authenticator app We've rounded up the best password managers.
