04.30.2025
Researchers at cybersecurity firm Oligo today outlined a series of AirPlay vulnerabilities that impact millions of Apple devices (via Wired) and accessories that connect to Apple devices. While Apple has
Dubbed "Airborne," the AirPlay vulnerabilities allowed attackers to take control of devices that support AirPlay to spread malware to other devices on any local device that the infected device connects to. An attacker would need to be on the same Wi-Fi network as the intended victim, putting public Wi-Fi spots, businesses, and other high-traffic areas at more risk.
Oligo researchers said that the AirPlay flaws could lead to "sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more." The vulnerabilities could be used independently or chained together for a "variety of possible attack vectors," such as Remote Code Execution, user interaction bypass, Denial of Service attacks, Man-in-the-Middle attacks, and more.
Apple worked with Oligo to identify and fix the vulnerabilities. Oligo found 23 separate security flaws, and Apple issued 17 CVEs to address them. Information on each vulnerability is outlined on Oligo's website. Apple also deployed fixes for its AirPlay SDK for third-party manufacturers.
The same Airborne vulnerabilities also impact CarPlay, which could allow hackers to hijack the automotive computer in a car. This attack vector would require the attacker to be directly in the car and connected to either the car's Bluetooth or an in-car USB port, which makes it unlikely.
Oligo recommends that users upgrade to the latest versions of iOS, iPadOS, macOS, tvOS, and visionOS, to protect themselves from these vulnerabilities. Other devices that support AirPlay may still be vulnerable, so users should take steps like disabling the AirPlay Receiver feature on Macs and restricting AirPlay to the current user instead of all users.
Oligo CTO Gal Elbaz told Wired that there could be tens of millions of third-party AirPlay devices that are still vulnerable to attack. Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch--or they will never be patched," he said.
Tag: AirPlay
This article, "AirPlay Security Flaws Impact Third-Party Devices and Unpatched Apple Products" first appeared on MacRumors.com
Discuss this article in our forums
You may also be interested in this
Mudix HP11 MX2 video proj…
05.13.2023
The Mudix HP11 MX2 video projector supports Wi-Fi and AirPlay, so you can quickly stream content from your Apple devices.Review: The Mudix HP11 MX2 video projector Read more...
Dio Node AirPlay speakers…
02.18.2025
Escape from Bluetooth: Use Wi-Fi to stream audio from your iPhone or Mac to Dio Node speakers. It’s easy, and they sound great. (via Cult of Mac - Apple news,
Review: Dio Node Aims to …
04.14.2025
Dio is a small company focused on delivering a single product for the Apple ecosystem: a low-cost AirPlay speaker system known as Dio Node. Initially launched as a crowdfunded Indiegogo
MacDailyNews presents liv…
05.04.2023
MacDailyNews presents live notes from Apple’s Q223 Conference Call with analysts starting at 2pm PDT / 5pm EDT today, May 4, 2023. This stream is best experienced on an iPhone
Samsung unveils next-gen …
05.23.2023
Samsung has announced that its popular is getting an update for 2023. The latest version of the display will come in 32- and 27-inch options with an updated version of
iOS 17 Said to Feature Wa…
05.24.2023
Apple's upcoming iOS 17 update for the iPhone will include improvements across several apps and features, including Wallet, Find My, SharePlay, and AirPlay, according to Bloomberg's Mark Gurman. Apple is
‘Ted Lasso’ Season 3: How…
05.31.2023
Macworld Apple put a lot of effort into making its early slate of Apple TV+ original shows a little bit of something for everyone. All the company needed was one
Apple explains how to use…
05.05.2023
With AirPlay, you can wirelessly stream video from your Apple devices to a large-screen TV. Apple made an explainer video for newbies. (via Cult of Mac - Tech and culture
