Cybersecurity firm finds Apple AirPlay flaw, urges updates [May 2025]

This week, cybersecurity researchers with Oligo say they identified 23 vulnerabilities related to Apple AirPlay, leading Apple to issue over a dozen fixes.

Dubbed “AirBorne” by the researchers, the security vulnerabilities affect the Apple AirPlay network and could compromise various devices. According to an Oligo blog post, the researchers say the vulnerabilities “enable an array of attack vectors” that could allow “attackers to potentially take control of devices that support AirPlay — including both Apple devices and third-party devices that leverage the AirPlay [Software Development Kit].”

The Oligo blog outlines a number of potential attacks, including Zero-Click RCE, Man-in-the-Middle, and Denial of Service (DOS) attacks. But if you don’t know what any of that means, that’s OK — the solution for Apple users is fairly straightforward.

Essentially, as long as you update your devices to the latest versions of macOS, iOS, and iPadOS, your devices should be safe. In addition, some cybersecurity experts recommend disabling the AirPlay feature entirely unless you’re actively using it.

The “AirBorne” vulnerabilities would allow hackers to infect Apple devices with malware or seize control of the device, whether that’s a MacBook or iPhone. They could then deploy malware or steal sensitive information. AirBorne also affected third-party devices connected to AirPlay, leaving smart Internet-of-things (IOT) devices at risk.

The researchers say they worked with Apple to “identify and address” the flaws, and that Apple issued 17 CVEs in response to the research.

In the cybersecurity world, CVE stands for Common Vulnerabilities and Exposures, and it refers to a specific identifying number associated with a publicly disclosed cybersecurity problem. In a national CVE database hosted by the National Institute of Standards and Technology, users can find a number of new CVEs published by Apple on April 28, 2025, such as CVE-2025-24252 and CVE-2025-24206.

The CVE description states that Apple fixed these bugs in “in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4.”