Researchers have disclosed critical vulnerabilities in Apple’s AirPlay protocol that could let attackers remotely control devices without any user interaction. Oligo Security identified 23 such vulnerabilities, collectively named “AirBorne.” These issues affect not only Apple products like iPhones, iPads, and Macs but also third-party devices that use the AirPlay SDK.
Among these, two vulnerabilities—CVE-2025-24252 and CVE-2025-24132—stand out. They enable attackers to achieve remote code execution without any user action, making the exploits “wormable.” This means malware can spread from one device to another across networks, potentially leading to widespread attacks.
Apple Responds with Security Patches
Apple has addressed these vulnerabilities in recent updates to iOS, iPadOS, and macOS. Seventeen CVE identifiers have been assigned to these issues. Oligo Security collaborated with Apple to ensure timely patches.
One notable vulnerability, CVE-2025-24252, involves a use-after-free bug in macOS. When combined with CVE-2025-24206, which bypasses user interaction, it allows zero-click remote code execution on Macs connected to the same network. Devices with AirPlay set to “Everyone” or “Anyone on the same network” are particularly at risk.
Another critical flaw, CVE-2025-24132, is a stack-based buffer overflow. It affects devices using the AirPlay SDK, including speakers and CarPlay systems. Attackers can exploit this to gain control without any user interaction, potentially leading to distractions for drivers or unauthorized access to in-car conversations.
Additionally, CVE-2025-24271 allows unauthenticated attackers to send AirPlay commands without pairing. When combined with CVE-2025-24137, it can result in one-click remote code execution.
Protecting Your Devices
To safeguard against these vulnerabilities:
- Update Devices: Ensure all Apple devices are running the latest versions of iOS, iPadOS, or macOS.
- Review AirPlay Settings: Set AirPlay to allow connections only from known devices.
- Monitor Network Activity: Be vigilant for unusual behavior on your network, which could indicate compromised devices.
Oligo Security has released a demonstration video showcasing the exploitation of CVE-2025-24252, emphasizing the importance of immediate action.