
Millions of AirPlay devices are hackable over CarPlay and Wi-Fi
April 30, 2025 21:26
A critical set of security vulnerabilities dubbed "AirBorne" has exposed billions of Apple and third-party devices using AirPlay and CarPlay to potential hacking over Wi-Fi networks, as reported by security researchers at Oligo Security, writes Daily CyberSecurity.
Vulnerability Scope and Impact
The AirBorne vulnerabilities affect an extensive range of devices, including all Apple products that support AirPlay (iPhones, iPads, Macs, Apple TVs) and tens of millions of third-party AirPlay-enabled products such as smart speakers, TVs, receivers, and car infotainment systems. According to Oligo Security, over 2.35 billion active Apple devices and numerous IoT products are potentially exposed.
These flaws allow attackers on the same Wi-Fi network to execute zero-click remote code execution attacks without requiring any user interaction. Some vulnerabilities are "wormable," meaning malware can automatically spread between vulnerable devices on a network. The impact extends to various attack capabilities including bypassing access controls, reading local files, leaking sensitive information, causing denial-of-service conditions, and performing man-in-the-middle attacks. CarPlay units face particular risks via Wi-Fi (especially with weak passwords), Bluetooth, and even USB connections, potentially allowing attackers to manipulate vehicle infotainment systems.
Technical Attack Vectors
The vulnerabilities in Apple's AirPlay protocol stem from improper validation and open-access design, particularly in how it handles property lists (plists) and exposes commands over networks. These security flaws enable sophisticated attack vectors that don't require user interaction to execute. Attackers can exploit these vulnerabilities to achieve zero-click or one-click remote code execution, effectively taking complete control of targeted devices.
Specific technical attack paths include:
- Exploitation of the AirPlay protocol's authentication mechanisms
- Manipulation of AirPlay's property list handling
- Bypassing access control lists (ACLs) designed to restrict device access
- Leveraging wormable characteristics to propagate malware across networks
- Targeting port 7000, which AirPlay commonly uses for communication
When successful, these exploits allow attackers to read local files, extract sensitive information, crash devices through denial-of-service attacks, or perform man-in-the-middle operations to intercept communications between devices.
Real-World Exploitation Scenarios
Public Wi-Fi networks present a prime attack surface for AirBorne exploits, where attackers could compromise vulnerable devices at locations like airports or hotels, then use them as launchpads for further attacks when those devices connect to corporate or home networks. The vulnerabilities pose significant risks to smart home ecosystems and automotive systems in particular.
In smart home environments, infected speakers or TVs could be weaponized for surveillance, ransomware distribution, or supply-chain attacks, with devices containing microphones potentially being repurposed for eavesdropping. For automotive applications, an estimated 800+ car models with wireless CarPlay functionality remain vulnerable to proximity-based attacks, potentially allowing hackers to manipulate infotainment systems, eavesdrop on in-car conversations, or even track vehicle locations.
Mitigation Recommendations
Users should immediately install the latest updates for all Apple and AirPlay-enabled devices to protect against the AirBorne vulnerabilities. For enhanced security, disabling AirPlay receiver functionality on devices where it's not needed is recommended, along with restricting AirPlay access to trusted devices and implementing firewall rules to block port 7000.
Additional protective measures include configuring AirPlay permissions to "Current User" instead of "Everyone" to reduce exposure, and strengthening Wi-Fi security with robust, unique passwords, particularly for CarPlay and smart home devices. While Apple has patched its own products in recent software updates, many third-party AirPlay-enabled devices, especially older models, may remain permanently vulnerable due to fragmented or non-existent update mechanisms.
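One way to check that the port 7000 restriction recommended above is holding, as an added example that is not part of the original article: the script audits firewall flow records for allowed AirPlay connections from sources outside a trusted list, and for a single source reaching several receivers, the pattern wormable spread would produce. The log format, the addresses, the trusted list and the fan-out threshold of 3 are all assumptions constructed for illustration.

```python
import ipaddress
from collections import defaultdict

AIRPLAY_PORT = "7000"  # the port the article names for AirPlay traffic

# Constructed sample records in a hypothetical firewall log format:
# timestamp  source  destination  protocol  dest-port  action
SAMPLE_FLOWS = """\
2025-05-01T09:00:01Z 10.0.20.15 10.0.30.5 tcp 7000 ALLOW
2025-05-01T09:02:10Z 10.0.40.77 10.0.30.5 tcp 7000 ALLOW
2025-05-01T09:02:11Z 10.0.40.77 10.0.30.6 tcp 7000 ALLOW
2025-05-01T09:02:12Z 10.0.40.77 10.0.30.7 tcp 7000 ALLOW
2025-05-01T09:03:00Z 10.0.40.90 10.0.30.5 tcp 7000 DENY
2025-05-01T09:04:00Z 10.0.20.15 10.0.30.5 tcp 443 ALLOW
"""

def audit_airplay_flows(log_text, trusted_sources, fanout_threshold=3):
    """Return (untrusted, fanout) for allowed TCP connections to the AirPlay port.

    untrusted: (timestamp, src, dst) for sources outside trusted_sources,
               i.e. traffic the firewall rule should have blocked.
    fanout:    sources that reached at least fanout_threshold distinct
               receivers (threshold is an assumed value, tune per network).
    """
    trusted = [ipaddress.ip_network(n) for n in trusted_sources]
    untrusted, receivers = [], defaultdict(set)
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 6:
            continue  # skip blank or malformed lines
        ts, src, dst, proto, dport, action = fields
        if (proto, dport, action) != ("tcp", AIRPLAY_PORT, "ALLOW"):
            continue  # only connections that actually reached a receiver
        receivers[src].add(dst)
        if not any(ipaddress.ip_address(src) in net for net in trusted):
            untrusted.append((ts, src, dst))
    fanout = {s: sorted(d) for s, d in receivers.items()
              if len(d) >= fanout_threshold}
    return untrusted, fanout

if __name__ == "__main__":
    hits, spread = audit_airplay_flows(SAMPLE_FLOWS, ["10.0.20.15/32"])
    for ts, src, dst in hits:
        print(f"{ts} untrusted AirPlay connection {src} -> {dst}:7000")
    for src, dsts in spread.items():
        print(f"{src} reached {len(dsts)} receivers: {', '.join(dsts)}")
```

Any line the audit reports means the block rule or the trusted-device restriction is not in effect on that path, which matters most for third-party receivers that cannot be patched.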