Wormable Zero-Click RCE in Apple AirPlay Protocol Exposes Billions of Devices to Remote Attacks - #CVE-2025-24132
Security researchers at Oligo Security have uncovered a series of critical vulnerabilities in Apple's AirPlay protocol and SDK, collectively named "AirBorne." These flaws, comprising 23 vulnerabilities with 17 assigned CVEs, expose billions of Apple and third-party devices to potential zero-click remote code execution (RCE) attacks, man-in-the-middle attacks, and wormable exploits. Two particularly severe vulnerabilities, CVE-2025-24252 and CVE-2025-24132, enable attackers to create self-propagating malware that can spread across networks without user interaction. The potential impact of these vulnerabilities is significant, allowing attackers to deploy malware, conduct espionage, execute ransomware attacks, and compromise supply chains. In response, Apple has collaborated with Oligo Security to address these issues, releasing security updates for iOS, iPadOS, macOS, and related SDKs. Users and organizations are strongly advised to update their devices immediately, restrict AirPlay access, and implement additional security measures to mitigate the risks effectively.