- Security researchers found dozens of flaws in the Apple AirPlay protocol
- Some of them allowed remote code execution attacks
- Apple has released patches that address the flaws
The Apple AirPlay protocol and the AirPlay Software Development Kit (SDK) carried numerous vulnerabilities that could be abused for remote code execution (RCE), man-in-the-middle (MitM) attacks, or denial-of-service (DoS) attacks. To make matters worse, some of these vulnerabilities could be used in zero-click attacks, meaning no interaction from the victim is required.
Cybersecurity researchers at Oligo Security found 23 flaws and collectively named them AirBorne. Two of the flaws, now tracked as CVE-2025-24252 and CVE-2025-24132, could be used in RCE attacks. There is also CVE-2025-24206, a user-interaction bypass vulnerability that lets criminals bypass the “Accept” click requirement on AirPlay requests.
“This means that an attacker can take over certain AirPlay-enabled devices and do things such as deploying malware that spreads to devices on any local network to which the infected device is connected. This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply chain attacks and more,” said Oligo.
‘Vast and worrying’
“Because AirPlay is a fundamental piece of software for Apple devices (Mac, iPhone, iPad, Apple TV, etc.), as well as third-party devices that take advantage of the AirPlay SDK, this class of vulnerabilities could have far-reaching impacts.”
The potential scope of AirBorne exploitation is “vast and worrying”, CyberInsider argues. The publication states that Apple’s wireless transmission protocol is “critical” to the company’s ecosystem and runs on 2.35 billion active devices worldwide.
It argues that, in theory, a threat actor could compromise a MacBook in a coffee shop and then use it as a springboard into a corporate network once the compromised device connects to the company’s Wi-Fi.
Apple has since fixed the flaws in iOS and iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4 and visionOS 2.4. The AirPlay audio SDK, the AirPlay video SDK and the CarPlay Communication Plug-in have also been updated.
Via BleepingComputer