If you regularly use AirPlay to stream content from your iPhone to your TV or Mac, you should be careful. Researchers at the security firm Oligo have discovered vulnerabilities in AirPlay that affect not only Apple devices but also many third-party products. The holes enable targeted attacks over the network – with potentially serious consequences. Even though Apple has responded, the problem is far from resolved.
The vulnerabilities, collectively known as "Airborne," affect AirPlay on iOS, macOS, iPadOS, tvOS, and visionOS devices. Apple has released security updates in recent months to close the gaps. However, third-party devices that support AirPlay remain vulnerable in many cases. This makes the issue particularly sensitive—especially in public Wi-Fi networks, where attackers can easily gain access to the same network.
What is “Airborne” and how does the attack work?
The AirPlay vulnerabilities allow attackers to gain access to AirPlay-enabled devices via a shared Wi-Fi network. The attacker only needs to be on the same network as the target device—for example, in hotels, airports, cafes, or office buildings. A compromised device can then be used to spread malware—including to other devices on the network. The vulnerabilities can be exploited individually or in combination. According to Oligo, the following types of attacks are possible:
- Remote Code Execution
- Attacks without user interaction
- Denial-of-Service (device is disabled)
- Man-in-the-middle attacks (intercepting data traffic)
- Ransomware and espionage attacks
- Attacks on supply chains
These types of attacks show how diverse and dangerous AirPlay vulnerabilities are – especially if they go unnoticed.
Apple has responded – but not all devices are secure
Oligo discovered a total of 23 vulnerabilities. Apple documented 17 of them via CVEs and fixed them with security updates. The updates affect all current operating systems – from iOS to macOS and tvOS. The AirPlay SDK for third-party developers has also been updated. The problem, however, is that many third-party devices don't automatically receive these updates. According to Gal Elbaz, CTO of Oligo, there are millions of such devices worldwide that support AirPlay, but they may never be patched. It could take years until all affected devices are secured – if ever.
CarPlay is also affected – but under different conditions
The "Airborne" vulnerabilities affect not only classic AirPlay devices, but also CarPlay. Here, hackers could theoretically gain access to a car's infotainment system. In practice, however, this would only be possible if the attacker had physical access to the car and was connected to the system via Bluetooth or USB. The attack options are therefore significantly more limited than with normal AirPlay devices, but still technically feasible (via Wired).
How to protect yourself from AirPlay attacks
If you use AirPlay, you should implement the following protective measures:
- Keep all Apple devices up to date. The necessary patches are already included in the latest versions of iOS, iPadOS, macOS, tvOS, and visionOS.
- If you're using a Mac, disable AirPlay reception if you don't need it.
- Set AirPlay so that only the current user can stream content – not everyone on the network.
- Avoid using AirPlay on public Wi-Fi networks.
- Check if your third-party devices with AirPlay functionality have received updates. If not, you may want to stop using them or disconnect them from the network.
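To act on the last point you first need a list of what on your own network actually offers AirPlay. The script below is an added example, not code from Oligo or Apple: it parses the output of `avahi-browse -rpt _airplay._tcp` on a Linux machine and marks receivers that will not be covered by an Apple OS update. The service type, the `model` and `srcvers` TXT keys and the Apple model-prefix list are assumptions about how AirPlay receivers announce themselves, and the sample lines are constructed.

```python
import re
import shlex
from dataclasses import dataclass

# Assumption: heuristic prefixes of Apple hardware model strings; anything else is third-party.
APPLE_MODEL_PREFIXES = ("AppleTV", "AudioAccessory", "Mac", "iMac", "iPhone", "iPad")

# Constructed sample of `avahi-browse -rpt _airplay._tcp` output (placeholder values).
SAMPLE = r'''
+;wlan0;IPv4;Living\032Room;_airplay._tcp;local
=;wlan0;IPv4;Living\032Room;_airplay._tcp;local;living-room.local;192.0.2.20;7000;"srcvers=0.0" "model=AppleTV0,0"
=;wlan0;IPv4;Kitchen\032Speaker;_airplay._tcp;local;kitchen.local;192.0.2.31;7000;"model=ExampleSpeaker-1"
=;wlan0;IPv6;Kitchen\032Speaker;_airplay._tcp;local;kitchen.local;fe80::1;7000;"model=ExampleSpeaker-1"
'''

@dataclass
class Receiver:
    name: str
    host: str
    address: str
    model: str
    srcvers: str
    third_party: bool

def unescape(label):
    # avahi-browse -p writes special ASCII characters as \DDD (decimal), e.g. \032 for a space
    return re.sub(r"\\(\d{3})", lambda m: chr(int(m.group(1))), label)

def parse_receivers(text):
    found = {}
    for line in text.splitlines():
        fields = line.split(";", 9)  # the TXT record is the 10th field and is kept whole
        if len(fields) < 10 or fields[0] != "=" or fields[4] != "_airplay._tcp":
            continue  # skip "+" announcements, blank lines and other services
        txt = dict(kv.split("=", 1) for kv in shlex.split(fields[9]) if "=" in kv)
        model = txt.get("model", "unknown")  # unknown models are treated as third-party
        # One entry per host: the same device usually answers on both IPv4 and IPv6
        found.setdefault(fields[6], Receiver(
            unescape(fields[3]), fields[6], fields[7], model,
            txt.get("srcvers", "unknown"), not model.startswith(APPLE_MODEL_PREFIXES)))
    return list(found.values())

def needs_vendor_check(receivers):
    """Names of receivers whose fix has to come from the device maker's firmware."""
    return [r.name for r in receivers if r.third_party]

if __name__ == "__main__":
    for r in parse_receivers(SAMPLE):
        path = "vendor firmware, check manually" if r.third_party else "Apple OS update"
        print(f"{r.name:16} {r.address:12} model={r.model} srcvers={r.srcvers} -> {path}")
```

Devices listed by `needs_vendor_check` are the ones to look up on the manufacturer's support page or to take off the network if no update exists.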
AirPlay remains practical, but you have to think ahead
AirPlay is a convenient feature, but currently also a risk if you're not up to date. Apple has fixed many of the vulnerabilities, but third-party providers are often the weak link in the chain. Therefore, install updates, limit features, and be cautious with third-party devices. This is the only way to prevent your devices from becoming part of a larger problem.