Critical security flaws in Apple’s AirPlay technology allow hackers to take control of smart speakers, TVs, and car systems without passwords. These vulnerabilities, named “AirBorne,” affect billions of devices worldwide and might never be fixed on many third-party products.
Security firm Oligo Security found 23 vulnerabilities in Apple’s AirPlay protocol and software development kit. Two of these flaws allow hackers to create “zero-click” attacks that spread malware across networks without requiring user interaction. Apple released a patch for its own devices in March, but millions of third-party products may never get updates.
“Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch—or they will never be patched,” warns Gal Elbaz, Oligo Security’s Chief Technology Officer.
The attack works when hackers join the same Wi-Fi network as their targets. Public Wi-Fi spots in airports and cafes are prime locations for exploitation. This limitation, however, doesn’t diminish the threat to home networks with weak security.
AirBorne affects over 2.35 billion Apple devices and tens of millions of third-party products with AirPlay. “This means that an attacker can take over certain AirPlay-enabled devices and do things like deploy malware that spreads to devices on any local network the infected device connects to. This could lead to the delivery of other sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more,” Oligo explained.
The most concerning vulnerabilities include CVE-2025-24252, a bug in macOS that allows remote code execution, and CVE-2025-24132, a flaw affecting third-party speakers and CarPlay systems.
For CarPlay-enabled vehicles, attacks are harder. An attacker needs physical proximity to connect over Bluetooth, or has to get past a weak Wi-Fi password. If successful, they could track vehicle locations or distract drivers with unexpected sounds or images.
Security experts suggest several ways to stay safe. Users should update all Apple devices immediately and disable the AirPlay receiver when not in use. Network administrators can limit AirPlay access through firewall rules that restrict port 7000 to trusted devices only.
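The port 7000 restriction described above, as an added example (not code from Oligo or Apple): a POSIX shell function that generates an nftables ruleset for a Linux host running an AirPlay receiver and admits TCP port 7000 only from listed addresses. The use of nftables, the host-level input hook, the table and set names, and every address are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: build an nftables ruleset admitting TCP 7000 only from trusted hosts.
# Table/set names and every address here are constructed for illustration.

# POSIX ERE: dotted-quad IPv4 with an optional /0-32 prefix length.
OCTET='(25[0-5]|2[0-4][0-9]|1[0-9][0-9]|[1-9]?[0-9])'
IPV4_RE="^(${OCTET}\.){3}${OCTET}(/(3[0-2]|[12]?[0-9]))?\$"

# airplay_ruleset ADDR...  -> ruleset on stdout, status 0.
# Empty list or any malformed entry -> nothing on stdout, status 1, so a typo
# or pasted junk can never yield a ruleset wider than intended.
airplay_ruleset() {
    [ "$#" -gt 0 ] || { echo "no trusted addresses given" >&2; return 1; }
    elements=""
    for addr in "$@"; do
        bad=0
        case "$addr" in
            ''|*[!0-9./]*) bad=1 ;;   # only digits, dots and a slash may appear
            *) printf '%s\n' "$addr" | grep -Eq "$IPV4_RE" || bad=1 ;;
        esac
        if [ "$bad" -eq 1 ]; then
            echo "rejecting malformed address: $addr" >&2
            return 1
        fi
        elements="${elements:+$elements, }$addr"
    done
    # Accept rule comes first; the drop then catches every other source, IPv6 included.
    cat <<EOF
table inet airplay_guard {
    set trusted_v4 {
        type ipv4_addr
        flags interval
        elements = { $elements }
    }
    chain input {
        type filter hook input priority 0; policy accept;
        tcp dport 7000 ip saddr @trusted_v4 accept
        tcp dport 7000 drop
    }
}
EOF
}

# Syntax-check without loading (needs nftables and root):
#   airplay_ruleset 192.168.10.21 192.168.10.32/28 | nft -c -f -
[ "$#" -eq 0 ] || airplay_ruleset "$@"
```

Traffic between two devices on the same Wi-Fi segment never crosses a router, so a rule like this only takes effect on the receiver itself or on a filtering device that sits in the path.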
The widespread integration of AirPlay into everyday devices creates an enduring security challenge. Many older smart home devices lack regular updates, leaving them permanently vulnerable to these new attack methods.
This discovery highlights growing concerns about Internet of Things security, where connected devices with varying update cycles remain vulnerable long after fixes become available.