Important alert for iPhone users to disable AirPlay

Security Flaw in Apple’s AirPlay Exposes Devices to Hackers

Many users appreciate Apple’s AirPlay feature, but concerns have emerged regarding its security vulnerabilities.

A researcher at a cybersecurity firm discovered a significant flaw that could allow hackers to take control of devices connected to the same Wi-Fi network as AirPlay-enabled devices.

AirPlay facilitates seamless streaming from one Apple device to another or to third-party products that support the protocol.

The researcher identified 23 vulnerabilities, collectively referred to as “Airborne,” in both the AirPlay protocol and the AirPlay Software Development Kit (SDK) utilized by third-party manufacturers.

A video demonstration shows how hackers might exploit these vulnerabilities against AirPlay-compatible Bose speakers, achieving remote code execution (RCE) and displaying the “Airborne” logo on the speaker’s display.

This raises alarms about the potential for hackers to use similar techniques to spy via devices equipped with microphones.

The CTO of the cybersecurity firm estimated that millions of devices could be affected.

“Given the broad range of devices supporting AirPlay, patching these issues could take years,” he stated. “It all boils down to one software flaw impacting everything.”

The risk was communicated to Apple in late fall and winter, and the cybersecurity firm collaborated with the tech company for several months to address the issues before making the findings public.

Apple fixed the issues on March 31 in iOS 18.4, iPadOS 18.4, macOS Ventura 13.7.5, macOS Sonoma 14.7.5, macOS Sequoia 15.4, and visionOS 2.4.

However, third-party devices supporting AirPlay still face vulnerabilities. Users are urged to apply updates to protect their devices from potential threats.

Apple mentioned it has provided patches for these third-party devices but noted that there are “limitations” to the types of attacks possible through the AirPlay bug.

Because the RCE attacks can be carried out by someone close to the device, systems equipped with CarPlay are also vulnerable, especially if they have default or easily guessed Wi-Fi hotspot passwords.

To enhance protection against hacker threats, several precautions are recommended:

  • Update Devices: It’s crucial for users to ensure all AirPlay-compatible devices are updated to the latest software version.
  • Disable AirPlay Receiver: Completely turning off AirPlay when it is not in use can mitigate the risk.
  • Restrict AirPlay to Trusted Devices: Users should only stream content to devices they trust.
  • Adjust AirPlay Settings: Navigate to [Settings] > [AirPlay & Continuity] to select the latest user permissions, which, while not eliminating all issues, reduces potential attacks.
  • Avoid Public Wi-Fi: It’s advisable not to enable or use AirPlay on public Wi-Fi networks.
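
For administrators applying the "Update Devices" advice across many machines, the following added example (not from the article or from Apple) checks an inventory against the fixed releases listed above, matching each Mac against the fix for its own major branch. The function names, the "third-party" platform label and the sample inventory are assumptions made for illustration.

```python
# Added example (not from the article); names and sample rows are constructed.
# Fixed releases listed in the article; macOS has one per major branch.
PATCHED = {
    "iOS": ["18.4"],
    "iPadOS": ["18.4"],
    "visionOS": ["2.4"],
    "macOS": ["13.7.5", "14.7.5", "15.4"],
}

def parse(version):
    """'14.7.5' -> (14, 7, 5); raises ValueError on non-numeric parts."""
    return tuple(int(part) for part in version.strip().split("."))

def status(platform, version):
    """Return 'patched', 'outdated', or 'check-vendor' for one device."""
    fixed = PATCHED.get(platform)
    if fixed is None:
        # Third-party AirPlay SDK devices: the article lists no fixed version.
        return "check-vendor"
    try:
        have = parse(version)
    except ValueError:
        return "outdated"  # unparseable version: treat as needing attention
    fixed = sorted(parse(v) for v in fixed)
    # Compare against the fixed release of the same major branch if one exists.
    same_branch = [f for f in fixed if f[0] == have[0]]
    if same_branch:
        return "patched" if have >= same_branch[0] else "outdated"
    # No fix listed for this branch: newer majors are fine, older ones are not.
    return "patched" if have > fixed[-1] else "outdated"

def audit(inventory):
    """Map device name -> status, keeping only devices that need action."""
    results = {name: status(plat, ver) for name, plat, ver in inventory}
    return {name: s for name, s in results.items() if s != "patched"}

# Constructed sample inventory: (device name, platform, reported OS version).
SAMPLE = [
    ("ceo-iphone", "iOS", "18.4"),
    ("lobby-ipad", "iPadOS", "17.7.2"),
    ("dev-mbp", "macOS", "14.7.4"),
    ("design-imac", "macOS", "15.4.1"),
    ("old-mini", "macOS", "12.7.6"),
    ("conf-speaker", "third-party", "2.1.0"),
]

if __name__ == "__main__":
    for name, s in audit(SAMPLE).items():
        print(f"{name}: {s}")
```

A Mac on 14.7.4 is flagged even though 13.7.5 is a lower number, because each macOS branch is compared only with its own fixed release; a Mac on a branch older than any listed fix is flagged as well.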