Security researchers have disclosed a series of critical vulnerabilities in Apple's AirPlay protocol, collectively named "AirBorne." These vulnerabilities affect a wide range of devices and can be exploited remotely without user interaction (zero-click).
Vulnerability Details
The AirBorne vulnerability set includes multiple issues, with key vulnerabilities assigned the following CVE identifiers:
- CVE-2025-24252: A use-after-free vulnerability that could lead to Remote Code Execution (RCE).
- CVE-2025-24132: A vulnerability that can be combined with others to achieve zero-click RCE.
An attack can be initiated when an attacker is on the same Wi-Fi network as the target device.
Potential Impact
- Remote Code Execution (RCE): Attackers could execute arbitrary code on a target device.
- Wormable Exploit: Malware could self-propagate from one affected device to another on the same network.
- Eavesdropping: Devices with microphones could be compromised to listen to conversations.
- Denial-of-Service (DoS): An attack could render the target device unusable.
Apple's Response
Apple released security patches to address these vulnerabilities on March 31, 2025. The patched operating system versions are:
- iOS 18.4
- iPadOS 18.4
- macOS Ventura 13.7.5, Sonoma 14.7.5, Sequoia 15.4
- tvOS 18.4
- visionOS 2.4
Note: Third-party devices (e.g., speakers, smart TVs) using the AirPlay SDK require updates directly from their respective manufacturers.
Recommendations for Users
- Update Apple Devices: Check for and install the latest operating system updates immediately.
- Disable AirPlay When Not in Use: To reduce the attack surface, turn off AirPlay when it is not needed.
- Restrict AirPlay Access: Configure AirPlay settings to allow access only for "People Sharing This Home" or to require a password.
- Update Third-Party Devices: Check for firmware updates from the manufacturers of any AirPlay-enabled devices you own.
Conclusion
The AirBorne vulnerability represents a serious security threat. All users are strongly advised to follow the recommendations above as soon as possible to mitigate the risk.
Share on Facebook
Share on LINE