A series of vulnerabilities in Apple's AirPlay protocol, collectively named AirBorne by Oligo, allow attackers to gain control of devices using the technology. Researchers note that these vulnerabilities, including CVE-2025-24252 and CVE-2025-24132, can be exploited together to create a wormable zero-click remote code execution (RCE) exploit. The risks extend to security threats like ransomware and backdoors, especially when devices are connected to public Wi-Fi and later to more secure networks.
Researchers emphasize the potential for AirPlay vulnerabilities to enable attackers to take control of devices and deploy malware on local networks.
These vulnerabilities can be exploited through a series of chained attacks, leading to serious security risks including ransomware deployment and remote code execution.
Collection
[
|
...
]