Millions of Apple AirPlay devices susceptible to 'AirBorne' zero-click RCE attacks, so patch now

Apple’s AirPlay Protocol and AirPlay Software Development Kit (SDK) carried numerous vulnerabilities that could be abused to run remote code execution (RCE) attacks, man-in-the-middle (MitM) attacks, or denial of service (DoS) attacks. To make matters worse, some of these vulnerabilities could be used in zero-click attacks, meaning to pull it off – no interaction from the victim is required.

Cybersecurity researchers Oligo Security found 23 flaws and collectively dubbed them AirBorne. Two of the flaws could be used in RCE attacks, which are now tracked as CVE-2025-24252, and CVE-2025-24132. There is also CVE-2025-24206, a user interaction bypass vulnerability that allows crooks to bypass “Accept” click requirements on AirPlay requests.

“This means that an attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects to. This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more,” Oligo warned.

‘Vast and concerning’

“Because AirPlay is a fundamental piece of software for Apple devices (Mac, iPhone, iPad, AppleTV, etc.) as well as third-party devices that leverage the AirPlay SDK, this class of vulnerabilities could have far-reaching impacts.”

The potential reach of AirBorne exploitation is “vast and concerning”, CyberInsider argues. The publication claims Apple’s wireless streaming protocol is “critical” to the company’s ecosystem and is operating on 2.35 billion active devices all over the world.

It argues that, in theory, a threat actor could compromise a MacBook at a coffee shop, and later use it as a steppingstone into an enterprise network, once the compromised device connects to the company’s Wi-Fi.

Apple has since fixed the flaws with iOS and iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4, and visionOS 2.4. The AirPlay audio SDK, the AirPlay video SDK, and the CarPlay Communication Plug-in have all been updated, as well.

Via BleepingComputer

Apple fixes dangerous iOS zero days after threats against targeted individuals
Take a look at our guide to the best authenticator app
We’ve rounded up the best password managers

Millions of Apple AirPlay devices susceptible to ‘AirBorne’ zero-click RCE attacks, so patch now

Microsoft turns up the heat on Window 10 diehards, hinting that free upgrade to Windows 11 could be ditched later this year

Sad about Dead Boy Detectives being canceled? You’ll be able to see one of the Netflix show’s stars in The Sandman season 2 instead

NYT Connections hints and answers for Monday, March 10 (game #638)

AI will start subtitling your videos thanks to VLC

‘Vast and concerning’

You might also like

LG pulls the final software plug on its phones –here are its 7 best-ever models, ranked

Amazon’s best TV just got some nice free upgrades

Google is working on a Gemini AI app for kids

LG pulls the final software plug on its phones –here are its 7 best-ever models, ranked

Android Has Fewer Apps Than Ever, but That’s Actually a Good Thing

I Just Subscribed to Deezer and These Are My 7 Favorite Features

AI Turned Me Into a Straight-A Student—Here’s My Strategy

Amazon’s best TV just got some nice free upgrades

8 Sneaky Ways Hackers Steal Your Security Question Answers