Researchers at cybersecurity firm Oligo today outlined a series of AirPlay vulnerabilities that impact millions of Apple devices (via Wired) and accessories that connect to Apple devices. While Apple has addressed the flaws in security updates that have come out over the last several months, some third-party devices that support AirPlay remain vulnerable.
Dubbed “Airborne,” the AirPlay vulnerabilities allowed attackers to take control of devices that support AirPlay to spread malware to other devices on any local device that the infected device connects to. An attacker would need to be on the same Wi-Fi network as the intended victim, putting public Wi-Fi spots, businesses, and other high-traffic areas at more risk.
Oligo researchers said that the AirPlay flaws could lead to “sophisticated attacks related to espionage, ransomware, supply-chain attacks, and more.” The vulnerabilities could be used independently or chained together for a “variety of possible attack vectors,” such as Remote Code Execution, user interaction bypass, Denial of Service attacks, Man-in-the-Middle attacks, and more.
Apple worked with Oligo to identify and fix the vulnerabilities. Oligo found 23 separate security flaws, and Apple issued 17 CVEs to address them. Information on each vulnerability is outlined on Oligo’s website. Apple also deployed fixes for its AirPlay SDK for third-party manufacturers.
The same Airborne vulnerabilities also impact CarPlay, which could allow hackers to hijack the automotive computer in a car. This attack vector would require the attacker to be directly in the car and connected to either the car’s Bluetooth or an in-car USB port, which makes it unlikely.
Oligo recommends that users upgrade to the latest versions of iOS, iPadOS, macOS, tvOS, and visionOS, to protect themselves from these vulnerabilities. Other devices that support AirPlay may still be vulnerable, so users should take steps like disabling the AirPlay Receiver feature on Macs and restricting AirPlay to the current user instead of all users.
Oligo CTO Gal Elbaz told Wired that there could be tens of millions of third-party AirPlay devices that are still vulnerable to attack. Because AirPlay is supported in such a wide variety of devices, there are a lot that will take years to patch–or they will never be patched,” he said.
