
Cybersecurity researchers have identified a collection of serious vulnerabilities within Apple’s AirPlay protocol, collectively named AirBorne by the Israeli cybersecurity firm Oligo. These vulnerabilities, if exploited, could allow attackers to seize control of devices that utilize the AirPlay technology, including those manufactured by Apple and third-party devices built with the AirPlay SDK.

The vulnerabilities, notably CVE-2025-24252 and CVE-2025-24132, can be combined to create a wormable zero-click remote code execution (RCE) exploit. This means that malicious actors could deploy malware capable of spreading across devices on the same local network as the compromised device.

The security risks associated with these vulnerabilities are significant. They can lead to unauthorized remote code execution, bypass of access control lists, arbitrary file reading, information disclosure, and denial-of-service attacks. Specifically, a victim’s device could be attacked while connected to a public Wi-Fi network, giving an attacker a potential foothold to infiltrate other connected devices once the victim’s device joins an enterprise network.

Some notable vulnerabilities include:

  • CVE-2025-24271: A vulnerability that permits an attacker on the same network as a signed-in Mac to send AirPlay commands without the need for pairing.
  • CVE-2025-24137: A flaw that could enable arbitrary code execution or cause an application to terminate unexpectedly.
  • CVE-2025-24132: A stack-based buffer overflow vulnerability that could enable zero-click RCE on AirPlay-enabled speakers and receivers.
  • CVE-2025-24206: An authentication vulnerability allowing local network attackers to bypass authentication policies.
  • CVE-2025-24270: A weakness enabling sensitive user information leakage.
  • CVE-2025-30445: A type confusion vulnerability that could lead to unexpected application termination.
  • CVE-2025-31197: A flaw that can likewise cause unexpected termination of applications on the local network.

These vulnerabilities have been patched in recent updates to the software, including iOS 18.4, macOS Sequoia 15.4, and tvOS 18.4, among others. Security experts recommend that organizations ensure their corporate Apple devices are updated promptly to mitigate any risks associated with these vulnerabilities. Following updates, employees should also be advised to update their personal devices that support AirPlay to safeguard against potential exploits.
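One way to act on the update recommendation above is to check a device inventory against the fixed releases the article names. The script below is an added example, not code from Oligo or Apple; the CSV layout, device names and the `AirPlay-SDK` platform label are constructed assumptions. Because the article lists fixes only "among others", devices on an older major release line or on an unlisted platform are marked for manual review rather than judged.

```python
import csv
import io

# Fixed releases as stated in the article. It says "among others", so anything
# not covered by this table is sent to manual review instead of being judged.
FIXED = {"iOS": (18, 4), "macOS": (15, 4), "tvOS": (18, 4)}

# Constructed sample inventory (hypothetical MDM export: name,platform,version).
SAMPLE_INVENTORY = """name,platform,version
ceo-iphone,iOS,18.3.2
lab-macbook,macOS,15.4
lobby-appletv,tvOS,18.4.1
design-imac,macOS,14.7.5
boardroom-speaker,AirPlay-SDK,2.7
kiosk-ipad,iOS,unknown
"""

def parse_version(text):
    """Turn '18.3.2' into (18, 3, 2); return None if any part is not numeric."""
    parts = text.strip().split(".")
    if not all(p.isdigit() for p in parts):
        return None
    return tuple(int(p) for p in parts)

def classify(platform, version_text):
    """Return 'patched', 'vulnerable' or 'review' for one inventory row."""
    fixed = FIXED.get(platform)
    version = parse_version(version_text)
    if fixed is None or version is None:
        return "review"  # platform not listed in the article, or unparseable version
    if version[0] < fixed[0]:
        return "review"  # older release line: the article names no fix level for it
    width = max(len(fixed), len(version))
    pad = lambda v: v + (0,) * (width - len(v))  # so 15.4 and 15.4.0 compare equal
    return "patched" if pad(version) >= pad(fixed) else "vulnerable"

def audit(inventory_csv):
    """Map each device name in the CSV text to its status."""
    rows = csv.DictReader(io.StringIO(inventory_csv))
    return {r["name"]: classify(r["platform"], r["version"]) for r in rows}

if __name__ == "__main__":
    for name, status in audit(SAMPLE_INVENTORY).items():
        print(f"{name:20} {status}")
```

Devices reported as `review` include third-party AirPlay SDK speakers and receivers, for which the article gives no fixed version; check those against the vendor's own firmware notes.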

