AirPlay is one of the main components of the Apple ecosystem. The protocol, which lets you stream photos, video and other multimedia content to compatible wireless devices, is one of the easiest to use. Nevertheless, a new study shows that this convenience could put its users at risk.
According to Ars Technica, the cybersecurity company Oligo discovered numerous vulnerabilities that jeopardize millions of devices. The researchers documented 23 security flaws, grouped under the name Airborne, which affect both Apple devices and third-party equipment that uses the AirPlay SDK.
According to Oligo, the vulnerabilities they found allow an attacker to take control of receivers, TVs or smart speakers if they are on the same wireless network. From there, the attacker can expand their access, move laterally through the network and execute malicious code on other equipment. This would turn the compromised devices into possible points of persistent access for more complex cyberattacks.
Airborne uses AirPlay as a point of attack
Among the most important vulnerabilities are CVE-2025-24252 and CVE-2025-24132, both of which allow remote code execution without the need for user interaction.
- CVE-2025-24252 is a use-after-free vulnerability that allows the attacker to execute arbitrary code on macOS. A possible scenario involves infecting a device over a public Wi-Fi network and then spreading into the user's corporate network when the device connects to it again. This type of attack exploits the ubiquity of Apple devices and their automatic connections.
- CVE-2025-24132 is a heap buffer overflow that allows zero-click remote code execution on speakers and receivers that use the AirPlay SDK. This flaw also affects CarPlay devices, which introduces risk scenarios in vehicles where unauthorized content can be displayed, sound can be played, or the car's microphone can even be used to eavesdrop on conversations.
An alarming feature of these attacks is that they can be carried out over wireless networks or peer-to-peer connections, which makes it easier for them to spread across local networks. It is enough for the attacker to connect to the same Wi-Fi network as the target device to begin exploitation. On public networks or in a poorly segmented corporate environment, this significantly lowers the barrier to entry.
In addition to remote code execution, the Airborne vulnerabilities allow other attack vectors, for example arbitrary reading of local files, disclosure of confidential information and denial-of-service attacks. It is also possible to bypass access controls or intercept communications through a man-in-the-middle attack, which further expands the potential attack surface.
Apple fixes the vulnerabilities, although not all
Apple has already fixed the vulnerabilities that directly affected its devices through its latest updates. Although the company also provided patches for external manufacturers, the outlook for third-party equipment is unclear. Many of these products rarely receive security fixes, while others have no integrated update mechanism at all.
Gal Elbaz, Technical Director of Oligo, estimates that tens of millions of devices could remain exposed, even indefinitely. Since most manufacturers do not notify Apple when they integrate its SDK, the exact number of affected devices could be much higher.
The fact that many implementations of the AirPlay SDK are made without official Apple certification complicates risk management even further. This limits Apple's ability to oversee them, control updates or guarantee the security of these integrations. As a result, users are exposed to vulnerabilities that may remain hidden for many years.
Source: Hiper Textual

I’m Ben Stock, a highly experienced and passionate journalist with a career in the news industry spanning more than 10 years. I specialize in writing content for websites, including researching and interviewing sources to produce engaging articles. My current role is as an author at Gadget Onus, where I mainly cover the mobile section.