AirPlay Security Flaws Impact Third-Party Devices and Unpatched Apple Products

by

Researchers at cybersecurity firm Oligo today outlined a series of AirPlay vulnerabilities that impact millions of Apple devices (via Wired) and accessories that connect to Apple devices. While Apple has addressed the flaws in security updates that have come out over the last several months, some third-party devices that support ‌AirPlay‌ remain vulnerable.

AirPlay Feature
Dubbed "Airborne," the ‌AirPlay‌ vulnerabilities allowed attackers to take control of devices that support ‌AirPlay‌ to spread malware to other devices on any local device that the infected device connects to. An attacker would need to be on the same Wi-Fi network as the intended victim, putting public Wi-Fi spots, businesses, and other high-traffic areas at more risk.

Oligo researchers said that the ‌AirPlay‌ flaws could lead to "sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more." The vulnerabilities could be used independently or chained together for a "variety of possible attack vectors," such as Remote Code Execution, user interaction bypass, Denial of Service attacks, Man-in-the-Middle attacks, and more.

Apple worked with Oligo to identify and fix the vulnerabilities. Oligo found 23 separate security flaws, and Apple issued 17 CVEs to address them. Information on each vulnerability is outlined on Oligo's website. Apple also deployed fixes for its ‌AirPlay‌ SDK for third-party manufacturers.

The same Airborne vulnerabilities also impact CarPlay, which could allow hackers to hijack the automotive computer in a car. This attack vector would require the attacker to be directly in the car and connected to either the car's Bluetooth or an in-car USB port, which makes it unlikely.

Oligo recommends that users upgrade to the latest versions of iOS, iPadOS, macOS, tvOS, and visionOS, to protect themselves from these vulnerabilities. Other devices that support ‌AirPlay‌ may still be vulnerable, so users should take steps like disabling the ‌AirPlay‌ Receiver feature on Macs and restricting ‌AirPlay‌ to the current user instead of all users.

Oligo CTO Gal Elbaz told Wired that there could be tens of millions of third-party ‌AirPlay‌ devices that are still vulnerable to attack. Because ‌AirPlay‌ is supported in such a wide variety of devices, there are a lot that will take years to patch--or they will never be patched," he said.

Tag: AirPlay

Popular Stories

iPhone 17 Pro 3 4ths Perspective Aluminum Camera Module 1

New iPhone 17 Pro Details: Brighter Display, Best Battery Life, and More

Wednesday September 3, 2025 5:33 am PDT by
Apple's iPhone 17 Pro and iPhone 17 Pro Max models will feature a number of significant display, thermal, and battery improvements, according to new late-stage rumors. According to the Weibo leaker known as "Instant Digital," the iPhone 17 Pro models will feature displays with higher brightness, making it more suitable for use in direct sunlight for prolonged periods. The iPhone 16 Pro and...
Read Full Article68 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 Pro Clear Case Leak Reveals Three Key Changes

Sunday August 31, 2025 1:26 pm PDT by
Apple is expected to unveil the iPhone 17 series on Tuesday, September 9, and last-minute rumors about the devices continue to surface. The latest info comes from a leaker known as Majin Bu, who has shared alleged images of Apple's Clear Case for the iPhone 17 Pro and Pro Max, or at least replicas. Image Credit: @MajinBuOfficial The images show three alleged changes compared to Apple's iP...
Read Full Article81 comments
iphone 16 pro ghost hand

iPhone 17 Pro: 5 Reasons Not to Upgrade This Year

Monday September 1, 2025 4:35 am PDT by
Apple will launch its new iPhone 17 series this month, and the iPhone 17 Pro models are expected to get a new design for the rear casing and the camera area. But more significant changes to the lineup are not expected until next year, when the iPhone 18 models arrive. If you're thinking of trading in your iPhone for this year's latest, consider the following features rumored to be coming to...
Read Full Article114 comments
iPhone 17 Pro Iridescent Feature 2

iPhone 17 and iPhone 17 Pro Prices Estimated Ahead of Apple Event Next Week

Tuesday September 2, 2025 1:50 pm PDT by
Just one week before Apple is expected to unveil the iPhone 17 series, an analyst has shared new price estimates for the devices. Here are J.P. Morgan analyst Samik Chatterjee's price estimates for the iPhone 17 series in the United States, according to 9to5Mac: Model Starting Price Model Starting Price Change iPhone 16 $799 iPhone 17 ...
Read Full Article58 comments
iPhone 17 Pro Dark Blue and Orange

iPhone 17 Release Date, Pre-Orders, and What to Expect

Thursday August 28, 2025 4:08 am PDT by
An iPhone 17 announcement is a dead cert for September 2025 – Apple has already sent out invites for an "Awe dropping" event on Tuesday, September 9 at the Apple Park campus in Cupertino, California. The timing follows Apple's trend of introducing new iPhone models annually in the fall. At the event, Apple is expected to unveil its new-generation iPhone 17, an all-new ultra-thin iPhone 17...
Read Full Article62 comments
iOS 18 on iPhone Arrow Down

Apple Preparing iOS 18.7 for iPhones as iOS 26 Release Date Nears

Sunday August 31, 2025 4:35 pm PDT by
Apple is preparing to release iOS 18.7 for compatible iPhone models, according to evidence of the update in the MacRumors visitor logs. We expect iOS 18.7 to be released in September, alongside iOS 26. The update will likely include fixes for security vulnerabilities, but little else. iOS 18.7 will be one of the final updates ever released for the iPhone XS, iPhone XS Max, and iPhone XR,...
Read Full Article47 comments
iPhone 17 Pro on Desk Centered 1

Survey: Nearly 70% of Users Plan to Upgrade to iPhone 17

Monday September 1, 2025 8:24 am PDT by
A new survey has found that nearly seven in ten iPhone owners in the United States plan to upgrade to an iPhone 17 model, signaling strong demand ahead of Apple's expected unveiling of the devices at its September 9 keynote. Smartphone price comparison platform SellCell surveyed over 2,000 U.S.-based iPhone users in August to assess upgrade interest and brand loyalty before Apple's event....
Read Full Article210 comments

Top Rated Comments

HaHaRich! Avatar
HaHaRich!
18 weeks ago

Most of this stuff sounds cool in a lab, but isn’t real


For example…

“An attacker would need to be on the same Wi-Fi network as the intended victim”

So he has your Wi-Fi password or you’re doing AirPlay over public Wi-Fi?



“This attack vector would require the attacker to be directly in the car”.

If you have an attacker in your car, there’s a lot of attack vectors he can use that don’t involve CarPlay. I think you have bigger problems then your CarPlay being hacked.
I don’t think you have to be “doing” AirPlay over public WiFi, but have an unpatched AirPlay compatible device on a WiFi network with the attacker.

As far as CarPlay, this could be a very big issue for rental car companies. I don’t know about you, but I take rental cars on family trips. Never occurred to me that Avis could infect my iPhone ?
Score: 10 Votes (Like | Disagree)
vertsix Avatar
vertsix
18 weeks ago
I hope they deploy an update to my dear AirPort Express to patch this.
Score: 10 Votes (Like | Disagree)
123 Avatar
123
18 weeks ago

Maybe I’m overlooking something obvious though.
Yes you are. That big Samsung touch screen in the meeting room where everyone wo ever has a meeting connects, and which is reachable from the company's guest WiFi.
Score: 10 Votes (Like | Disagree)
bzgnyc2 Avatar
bzgnyc2
18 weeks ago
Note that despite all of Sequoia's kabuki theatre to protect us, it was still vulnerable. This is why many of us argue that instead of protecting our computers from us, Apple should be focused on basics. I am not worried about evils maids. I am worried about attacks over the network. The standard for this for decades starts with minimizing the attack surface area.

For years, I've argued for two obvious changes:
1) Don't run daemons/services/etc that aren't enabled. Don't start them, don't wake them, don't run them. If I have it turned off, I don't want to see the process running. I don't want to see log entries for it. I want it off.
2) Apple's services shouldn't be exempt from the firewall by default. The opposite and then the software tested with everything blocked by default rather than giving built-in software a bypass.
Score: 9 Votes (Like | Disagree)
HaHaRich! Avatar
HaHaRich!
18 weeks ago

It can't "infect your phone" ?
Did I misread it? The article describes the vulnerability as being able to execute and spread malicious code to unpatched systems. If that’s the case, how else does one define “infect”?
Score: 7 Votes (Like | Disagree)
Artemiz Avatar
Artemiz
18 weeks ago
I want the guy who came up with "Airborne" to be the head of branding dept at Apple.

Pro, Air, Ultra -- Not a fan!
Score: 6 Votes (Like | Disagree)
Read All Comments