AirPlay devices hackable
Millions of AirPlay devices hackable via Wi-Fi
Vulnerable AirPlay devices can be completely taken over via the network. Attackers can, for example, plant malware and tap into microphones.
Security researchers from Oligo have uncovered several security vulnerabilities in Apple's AirPlay protocol and the associated AirPlay SDK. This means that not only devices from Apple itself are vulnerable, but also those from third-party manufacturers, provided they support AirPlay. Attackers can execute malicious code on vulnerable devices via the network, read data and cause failures.
In a blog post, the researchers group the discovered vulnerabilities, and the attack vectors that result from combining them, under the name AirBorne. According to the post, devices with AirPlay support can be completely taken over by attackers, provided there is a wireless local network connection to the respective target device.
Compromised devices can then potentially serve as a starting point for attacks on other devices in the same network. According to the researchers, this can even happen automatically because of two zero-click vulnerabilities registered as CVE-2025-24252 and CVE-2025-24132. Based on these vulnerabilities, it is said to be possible to develop malware that automatically infects other AirPlay devices within range.
CarPlay is also vulnerable
In total, the Oligo researchers claim to have reported 23 security vulnerabilities to Apple in connection with AirPlay, 17 of which have been assigned a CVE identifier. Some of these allow remote code execution (RCE), which the researchers demonstrate on YouTube using, among other things, an AirPlay-enabled speaker from Bose.
After the attack, an image injected by the researchers appears on the display of this speaker. However, an attacker is said to be able to use the same method to play their own music or tap into the microphones built into the device in order to eavesdrop on conversations taking place near the speaker. The same attack vector probably also works in cars with CarPlay systems.
Millions of devices affected
The security researchers assume that the discovered vulnerabilities affect not only Apple devices such as the iPhone, Mac or Apple TV, but also tens of millions of third-party devices. The researchers also point out that CarPlay, which is also affected, is used in more than 800 different vehicle models worldwide.
Apple itself has already provided an updated AirPlay SDK that fixes the discovered vulnerabilities. Against this background, users are advised to update the operating software of their devices to the latest version. However, it is difficult to estimate the availability of patches for third-party devices given the enormous variety of manufacturers and models.