Researchers from Oligo Security have identified a series of vulnerabilities in Apple's AirPlay protocol and its associated Software Development Kit (SDK). Collectively termed "AirBorne," these 23 vulnerabilities potentially expose millions of Apple and third-party AirPlay-enabled devices to remote code execution (RCE) attacks over Wi-Fi networks.
AirPlay is a feature that allows users to stream audio, video, and photos wirelessly between Apple devices and compatible third-party products. However, the AirBorne vulnerabilities enable attackers on the same Wi-Fi network to exploit these devices without any user interaction—a method known as a zero-click attack. This means that simply being connected to the same network as a malicious actor could put your device at risk.
The vulnerabilities affect a wide range of devices, including iPhones, iPads, Macs, Apple TVs, smart speakers, and even CarPlay-enabled infotainment systems. In some cases, attackers could hijack devices, deploy malware, or even eavesdrop on conversations through built-in microphones.
Apple has addressed these vulnerabilities in its own products by releasing patches for iOS 18.4, iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4, and visionOS 2.4 as of March 31, 2025. However, third-party devices that utilize the AirPlay SDK remain vulnerable unless their respective manufacturers release and users apply the necessary updates.
The challenge lies in the fact that many third-party manufacturers may not prioritize or promptly release security updates, leaving a significant number of devices exposed. This situation underscores the broader issue of security in the Internet of Things (IoT) ecosystem, where devices often lack timely support and updates.
To mitigate the risks associated with the AirBorne vulnerabilities, users are advised to take the following steps:
The discovery of the AirBorne vulnerabilities highlights the importance of proactive cybersecurity measures, especially as our reliance on interconnected devices grows. While Apple has taken steps to secure its own products, the broader ecosystem of AirPlay-enabled devices requires attention and action from both manufacturers and users to ensure comprehensive protection against potential threats.