A series of significant security vulnerabilities in Apple's AirPlay protocol, collectively named AirBorne, have been patched following responsible disclosure by cybersecurity researchers. These vulnerabilities could allow attackers to exploit susceptible devices for unauthorized remote access and malware deployment. Affected: Apple devices and third-party devices utilizing the AirPlay SDK.
Key points:
- Vulnerabilities in AirPlay protocol could lead to device takeovers and malware propagation.
- The attack methodology includes zero- or one-click remote code execution (RCE) exploits and various security bypasses.
- Key vulnerabilities include CVE-2025-24252 (RCE exploit on macOS), CVE-2025-24132 (buffer overflow), and multiple others affecting user data and application stability.
- Identified flaws have been patched in recent versions of iOS, iPadOS, macOS, tvOS, and visionOS.
- Organizations are urged to update all Apple devices that support AirPlay immediately to mitigate potential risks.
Read More: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html