Cyber Web Spider Blog – News

Wormable AirPlay Flaws Enable Zero-Click RCE on Apple Devices via Public Wi-Fi

Posted on May 5, 2025 (updated May 8, 2025) By CWS

May 05, 2025 | Ravie Lakshmanan | Network Security / Vulnerability
Cybersecurity researchers have disclosed a series of now-patched security vulnerabilities in Apple’s AirPlay protocol that, if successfully exploited, could enable an attacker to take over susceptible devices supporting the proprietary wireless technology.
The shortcomings have been collectively codenamed AirBorne by Israeli cybersecurity company Oligo.
“These vulnerabilities can be chained by attackers to potentially take control of devices that support AirPlay – including both Apple devices and third-party devices that leverage the AirPlay SDK,” security researchers Uri Katz, Avi Lumelsky, and Gal Elbaz said.
Some of the vulnerabilities, like CVE-2025-24252 and CVE-2025-24132, can be strung together to fashion a wormable zero-click RCE exploit, enabling bad actors to deploy malware that propagates to devices on any local network the infected device connects to.

This could then pave the way for sophisticated attacks that can lead to the deployment of backdoors and ransomware, posing a serious security risk.
The vulnerabilities, in a nutshell, could enable zero- or one-click remote code execution (RCE), access control list (ACL) and user interaction bypass, local arbitrary file read, information disclosure, adversary-in-the-middle (AitM) attacks, and denial-of-service (DoS).
This includes chaining CVE-2025-24252 and CVE-2025-24206 to achieve a zero-click RCE on macOS devices that are connected to the same network as an attacker. However, for this exploit to succeed, the AirPlay receiver must be on and set to the “Anyone on the same network” or “Everyone” configuration.
In a hypothetical attack scenario, a victim’s device could get compromised when connected to a public Wi-Fi network. Should the device later be connected to an enterprise network, it could provide an attacker with a way to breach other devices that are connected to the same network.

A number of the different notable flaws are listed beneath –

CVE-2025-24271 – An ACL vulnerability that could allow an attacker on the same network as a signed-in Mac to send AirPlay commands to it without pairing
CVE-2025-24137 – A vulnerability that could cause arbitrary code execution or an application to terminate
CVE-2025-24132 – A stack-based buffer overflow vulnerability that could result in a zero-click RCE on speakers and receivers that leverage the AirPlay SDK
CVE-2025-24206 – An authentication vulnerability that could allow an attacker on the local network to bypass authentication policy
CVE-2025-24270 – A vulnerability that could allow an attacker on the local network to leak sensitive user information
CVE-2025-24251 – A vulnerability that could allow an attacker on the local network to cause an unexpected app termination
CVE-2025-31197 – A vulnerability that could allow an attacker on the local network to cause an unexpected app termination
CVE-2025-30445 – A type confusion vulnerability that could allow an attacker on the local network to cause an unexpected app termination
CVE-2025-31203 – An integer overflow vulnerability that could allow an attacker on the local network to cause a DoS condition

Following a responsible disclosure process, the identified vulnerabilities have been patched in the versions below –

iOS 18.4 and iPadOS 18.4
iPadOS 17.7.6
macOS Sequoia 15.4
macOS Sonoma 14.7.5
macOS Ventura 13.7.5
tvOS 18.4, and
visionOS 2.4

Some of the weaknesses (CVE-2025-24132 and CVE-2025-30422) have also been patched in AirPlay audio SDK 2.7.1, AirPlay video SDK 3.6.0.126, and CarPlay Communication Plug-in R18.1.
“For organizations, it’s critical that any corporate Apple devices and other machines that support AirPlay are updated immediately to the latest software versions,” Oligo said.
“Security leaders also need to provide clear communication to their employees that all of their personal devices that support AirPlay need to also be updated immediately.”
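A practical follow-up to the patched-release list above is verifying that a fleet actually runs those releases or later. The Python below is an added example written for this page, not Oligo’s or Apple’s code: its version table is transcribed from the list above, OS lines the advisory does not mention (for example iOS 17) are reported as “unknown” rather than assumed safe, and the inventory hostnames and versions are constructed. It goes slightly beyond the page by covering all five OS lines in one check and, when run on a Mac, reading the local version with `sw_vers -productVersion`.

```python
"""Minimum-version check against the AirBorne fix releases listed above.

Added illustration, not Oligo's or Apple's code. FIXED_VERSIONS is transcribed
from the advisory's patched-release list; the sample inventory is constructed.
"""
import platform
import re
import subprocess

# Earliest release of each OS line that carries the AirBorne fixes, per the
# advisory. Lines the advisory does not list (e.g. iOS 17, macOS 12) are
# deliberately absent so they are reported as "unknown", never as safe.
FIXED_VERSIONS = {
    "iOS": {18: (18, 4)},
    "iPadOS": {18: (18, 4), 17: (17, 7, 6)},
    "macOS": {15: (15, 4), 14: (14, 7, 5), 13: (13, 7, 5)},
    "tvOS": {18: (18, 4)},
    "visionOS": {2: (2, 4)},
}


def parse_version(text):
    """Turn '14.7.5' into (14, 7, 5); reject anything that is not dotted integers."""
    text = text.strip()
    if not re.fullmatch(r"\d+(\.\d+)*", text):
        raise ValueError(f"not a version string: {text!r}")
    return tuple(int(part) for part in text.split("."))


def check_airborne_patch(os_name, version_text):
    """Return 'patched', 'unpatched' or 'unknown' for one OS/version pair.

    Tuple comparison handles mixed lengths correctly: (14, 7) < (14, 7, 5)
    and (15, 4, 1) >= (15, 4), so point releases after the fix count as patched.
    """
    version = parse_version(version_text)
    fixed_at = FIXED_VERSIONS.get(os_name, {}).get(version[0])
    if fixed_at is None:
        return "unknown"
    return "patched" if version >= fixed_at else "unpatched"


def triage_inventory(records):
    """Group (host, os_name, version) records into patched/unpatched/unknown."""
    buckets = {"patched": [], "unpatched": [], "unknown": []}
    for host, os_name, version in records:
        buckets[check_airborne_patch(os_name, version)].append(host)
    return buckets


def local_macos_status():
    """On a Mac, read the running version with sw_vers; elsewhere return None."""
    if platform.system() != "Darwin":
        return None
    out = subprocess.run(["sw_vers", "-productVersion"],
                         capture_output=True, text=True, check=True)
    return check_airborne_patch("macOS", out.stdout)


# Constructed sample inventory: hostnames and versions are made up.
SAMPLE_INVENTORY = [
    ("mbp-finance-01", "macOS", "15.4"),
    ("mbp-sales-07", "macOS", "14.7.4"),
    ("imac-lobby", "macOS", "12.7.6"),
    ("ipad-kiosk-2", "iPadOS", "17.7.6"),
    ("iphone-exec", "iOS", "18.3.2"),
    ("appletv-boardroom", "tvOS", "18.4"),
]

if __name__ == "__main__":
    for status, hosts in triage_inventory(SAMPLE_INVENTORY).items():
        print(f"{status:>9}: {', '.join(hosts) or '-'}")
    local = local_macos_status()
    if local is not None:
        print(f"this Mac: {local}")
```

The “unknown” bucket deserves as much attention as “unpatched”: a device on an OS line the advisory does not list has no fix release to compare against, so it should be treated as needing an upgrade to a listed line rather than ignored.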


Copyright © 2026 Cyber Web Spider Blog – News.