AirPlay Security Flaws Impact Third-Party Devices and Unpatched Apple Products

by

Researchers at cybersecurity firm Oligo today outlined a series of AirPlay vulnerabilities that impact millions of Apple devices (via Wired) and accessories that connect to Apple devices. While Apple has addressed the flaws in security updates that have come out over the last several months, some third-party devices that support ‌AirPlay‌ remain vulnerable.

AirPlay Feature
Dubbed "Airborne," the ‌AirPlay‌ vulnerabilities allowed attackers to take control of devices that support ‌AirPlay‌ to spread malware to other devices on any local device that the infected device connects to. An attacker would need to be on the same Wi-Fi network as the intended victim, putting public Wi-Fi spots, businesses, and other high-traffic areas at more risk.

Oligo researchers said that the ‌AirPlay‌ flaws could lead to "sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more." The vulnerabilities could be used independently or chained together for a "variety of possible attack vectors," such as Remote Code Execution, user interaction bypass, Denial of Service attacks, Man-in-the-Middle attacks, and more.

Apple worked with Oligo to identify and fix the vulnerabilities. Oligo found 23 separate security flaws, and Apple issued 17 CVEs to address them. Information on each vulnerability is outlined on Oligo's website. Apple also deployed fixes for its ‌AirPlay‌ SDK for third-party manufacturers.

The same Airborne vulnerabilities also impact CarPlay, which could allow hackers to hijack the automotive computer in a car. This attack vector would require the attacker to be directly in the car and connected to either the car's Bluetooth or an in-car USB port, which makes it unlikely.

Oligo recommends that users upgrade to the latest versions of iOS, iPadOS, macOS, tvOS, and visionOS, to protect themselves from these vulnerabilities. Other devices that support ‌AirPlay‌ may still be vulnerable, so users should take steps like disabling the ‌AirPlay‌ Receiver feature on Macs and restricting ‌AirPlay‌ to the current user instead of all users.

Oligo CTO Gal Elbaz told Wired that there could be tens of millions of third-party ‌AirPlay‌ devices that are still vulnerable to attack. Because ‌AirPlay‌ is supported in such a wide variety of devices, there are a lot that will take years to patch--or they will never be patched," he said.

Tag: AirPlay

Popular Stories

iOS 26

Everything New in iOS 26.2 Beta 3

Monday November 17, 2025 3:20 pm PST by
Apple provided developers with the third beta of an upcoming iOS 26.2 update, and there are still new features that are being added with each beta that we get. We've rounded up all of the changes that Apple made in beta 3. AirDrop Apple added new AirDrop functionality, providing a way for two people to share files temporarily without having to add one another as contacts. iOS 26.2...
Read Full Article20 comments
applecare apple care banner

Apple Brings New AppleCare+ Options to India

Tuesday November 18, 2025 8:42 am PST by
Apple today announced an expansion of AppleCare+ coverage in India, with new options for monthly and annual plans, and the addition of Theft and Loss for iPhone for the first time. Options for monthly and annual AppleCare+ plans in India provide more choice and flexibility, allowing users to keep coverage for as long as they require. Apple's vice president of Worldwide iPhone Product...
Read Full Article6 comments
Apple Wallet ID Illinois

iPhone Driver's License Feature Launching in Illinois

Tuesday November 18, 2025 8:47 am PST by
In select U.S. states, residents can add their driver's license or state ID to the Wallet app on the iPhone and Apple Watch, providing a convenient and contactless way to display proof of identity or age at select airports and businesses, and in select apps. Starting this Wednesday, November 19, the feature will be available to residents of Illinois. The announcement confirmed that the...
Read Full Article71 comments
Apple Sports App Preview Feature

Apple Sports App on iPhone Now Available in More European Countries

Monday November 17, 2025 6:27 am PST by
The free Apple Sports app on the iPhone was released in additional European countries today, including Belgium, Croatia, Czechia, the Netherlands, Luxembourg, Poland, Hungary, Denmark, Finland, Norway, Sweden, Switzerland, Slovakia, Slovenia, Serbia, Greece, Estonia, Latvia, Romania, Ukraine, and others. The app was already available in the U.S., the U.K., Canada, Austria, France, Germany,...
Read Full Article22 comments
iPhone 17 Pro Cosmic Orange

10 Reasons to Wait for Next Year's iPhone 18 Pro

Wednesday November 19, 2025 4:00 am PST by
Apple's iPhone development roadmap runs several years into the future and the company is continually working with suppliers on several successive iPhone models at the same time, which is why we often get rumored features months ahead of launch. The iPhone 18 series is no different, and we already have a good idea of what to expect for the iPhone 18 Pro and iPhone 18 Pro Max. One thing worth...
Read Full Article85 comments
Magic Keyboard Touch ID Feature

Apple Releases New Firmware for 140W USB-C Power Adapter, Magic Keyboard and Magic Trackpad

Tuesday November 18, 2025 1:05 pm PST by
Apple today released updated firmware for several accessories, including the 140W USB-C Power Adapter, the Magic Trackpad 2, the Magic Trackpad USB-C, the Magic Keyboard with Touch ID, and the Magic Keyboard with Touch ID and Numeric Keypad. There is no word on what's included in the updated firmware at this time, but it could offer performance improvements and security updates. Accessory...
Read Full Article77 comments
iPhone 17 Pro and Air N1 Feature

iPhone 17 vs. iPhone 16 Wi-Fi Speeds: New Study Reveals the Winner

Tuesday November 18, 2025 10:53 am PST by
A new study has revealed that the iPhone 17, iPhone 17 Pro, iPhone 17 Pro Max, and iPhone Air achieve significantly faster average Wi-Fi speeds compared to the iPhone 16 series, thanks to Apple's custom-designed N1 chip. The study was conducted by Ookla, the company behind the popular Speedtest website and app. It said the results are based on global, crowdsourced Speedtest user data...
Read Full Article46 comments
best early black friday deals

Best Black Friday Apple Deals Live Now - Save on AirPods, iPads, and Apple Watches

Saturday November 15, 2025 1:45 pm PST by
We're officially in the month of Black Friday, which will take place on Friday, November 28 in 2025. As always, this will be the best time of the year to shop for great deals, including popular Apple products like AirPods, iPad, Apple Watch, and more. In this article, the majority of the discounts will be found on Amazon. Note: MacRumors is an affiliate partner with some of these vendors. When ...
Read Full Article3 comments
macbook black friday

The Best Early Black Friday Mac Deals

Tuesday November 18, 2025 7:32 am PST by
We're getting closer to Black Friday, which lands next week on Friday, November 28. In the lead-up to the shopping holiday, we're tracking a few lowest-ever prices on Apple's most popular Macs, including the M4 MacBook Air and brand new M5 MacBook Pro. Note: MacRumors is an affiliate partner with some of these vendors. When you click a link and make a purchase, we may receive a small payment,...
Read Full Article1 comments
AirPods Pro Firmware Feature

Apple Releases New Firmware for AirPods Pro 2, AirPods Pro 3, and AirPods 4

Thursday November 13, 2025 11:35 am PST by
Apple today released new firmware designed for the AirPods Pro 3, the AirPods 4, and the prior-generation AirPods Pro 2. The AirPods Pro 3 firmware is 8B25, while the AirPods Pro 2 and AirPods 4 firmware is 8B21, all up from the prior 8A358 firmware released in October. There's no word on what's include in the updated firmware, but the AirPods Pro 2, AirPods 4 with ANC, and AirPods Pro 3...
Read Full Article73 comments

Top Rated Comments

HaHaRich! Avatar
HaHaRich!
7 months ago

Most of this stuff sounds cool in a lab, but isn’t real


For example…

“An attacker would need to be on the same Wi-Fi network as the intended victim”

So he has your Wi-Fi password or you’re doing AirPlay over public Wi-Fi?



“This attack vector would require the attacker to be directly in the car”.

If you have an attacker in your car, there’s a lot of attack vectors he can use that don’t involve CarPlay. I think you have bigger problems then your CarPlay being hacked.
I don’t think you have to be “doing” AirPlay over public WiFi, but have an unpatched AirPlay compatible device on a WiFi network with the attacker.

As far as CarPlay, this could be a very big issue for rental car companies. I don’t know about you, but I take rental cars on family trips. Never occurred to me that Avis could infect my iPhone ?
Score: 10 Votes (Like | Disagree)
vertsix Avatar
vertsix
7 months ago
I hope they deploy an update to my dear AirPort Express to patch this.
Score: 10 Votes (Like | Disagree)
123 Avatar
123
7 months ago

Maybe I’m overlooking something obvious though.
Yes you are. That big Samsung touch screen in the meeting room where everyone wo ever has a meeting connects, and which is reachable from the company's guest WiFi.
Score: 10 Votes (Like | Disagree)
bzgnyc2 Avatar
bzgnyc2
7 months ago
Note that despite all of Sequoia's kabuki theatre to protect us, it was still vulnerable. This is why many of us argue that instead of protecting our computers from us, Apple should be focused on basics. I am not worried about evils maids. I am worried about attacks over the network. The standard for this for decades starts with minimizing the attack surface area.

For years, I've argued for two obvious changes:
1) Don't run daemons/services/etc that aren't enabled. Don't start them, don't wake them, don't run them. If I have it turned off, I don't want to see the process running. I don't want to see log entries for it. I want it off.
2) Apple's services shouldn't be exempt from the firewall by default. The opposite and then the software tested with everything blocked by default rather than giving built-in software a bypass.
Score: 9 Votes (Like | Disagree)
HaHaRich! Avatar
HaHaRich!
7 months ago

It can't "infect your phone" ?
Did I misread it? The article describes the vulnerability as being able to execute and spread malicious code to unpatched systems. If that’s the case, how else does one define “infect”?
Score: 7 Votes (Like | Disagree)
Artemiz Avatar
Artemiz
7 months ago
I want the guy who came up with "Airborne" to be the head of branding dept at Apple.

Pro, Air, Ultra -- Not a fan!
Score: 6 Votes (Like | Disagree)
Read All Comments