language TH
system_update Updates visibility 1,359 views

Critical "AirBorne" Security Vulnerability Found in AirPlay: Details and Recommendations

Critical "AirBorne" Security Vulnerability Found in AirPlay: Details and Recommendations
Security researchers have disclosed a series of critical vulnerabilities in Apple's AirPlay protocol, collectively named "AirBorne." These vulnerabilities affect a wide range of devices and can be exploited remotely without user interaction (zero-click).
Vulnerability Details
The AirBorne vulnerability set includes multiple issues, with key vulnerabilities assigned the following CVE identifiers:
  • CVE-2025-24252: A use-after-free vulnerability that could lead to Remote Code Execution (RCE).
  • CVE-2025-24132: A vulnerability that can be combined with others to achieve zero-click RCE.
An attack can be initiated when an attacker is on the same Wi-Fi network as the target device.
Potential Impact
  • Remote Code Execution (RCE): Attackers could execute arbitrary code on a target device.
  • Wormable Exploit: Malware could self-propagate from one affected device to another on the same network.
  • Eavesdropping: Devices with microphones could be compromised to listen to conversations.
  • Denial-of-Service (DoS): An attack could render the target device unusable.
Apple's Response
Apple released security patches to address these vulnerabilities on March 31, 2025. The patched operating system versions are:
  • iOS 18.4
  • iPadOS 18.4
  • macOS Ventura 13.7.5, Sonoma 14.7.5, Sequoia 15.4
  • tvOS 18.4
  • visionOS 2.4
Note: Third-party devices (e.g., speakers, smart TVs) using the AirPlay SDK require updates directly from their respective manufacturers.
Recommendations for Users
  1. Update Apple Devices: Check for and install the latest operating system updates immediately.
  2. Disable AirPlay When Not in Use: To reduce the attack surface, turn off AirPlay when it is not needed.
  3. Restrict AirPlay Access: Configure AirPlay settings to allow access only for "People Sharing This Home" or to require a password.
  4. Update Third-Party Devices: Check for firmware updates from the manufacturers of any AirPlay-enabled devices you own.
Conclusion
The AirBorne vulnerability represents a serious security threat. All users are strongly advised to follow the recommendations above as soon as possible to mitigate the risk.
share Share Facebook LINE LINE
auto_awesome

Related Articles

Summary! Apple M5 chip launched. What's new? Specifications, power.

Summary! Apple M5 chip launched. What's new? Specifications, power.

17 Oct 2025
Universal Control: The Apple Magic That Lets One Keyboard & Mouse Rule Your Devices

Universal Control: The Apple Magic That Lets One Keyboard & Mouse Rule Your Devices

03 Jul 2025
What is the difference between Mac and Windows? Comparing the pros and cons in 2025 for those who are deciding to buy a computer

What is the difference between Mac and Windows? Comparing the pros and cons in 2025 for those who are deciding to buy a computer

19 May 2025
iOS 20 Will Bring Advanced Multitasking – Get Ready for a Smarter Experience

iOS 20 Will Bring Advanced Multitasking – Get Ready for a Smarter Experience

25 Jul 2025
build_circle

Apple device acting up?

Free diagnosis before every repair · Genuine parts · Up to 1-year warranty

call 084-151-1684 LINE LINE: @cmns