Millions of Apple AirPlay devices are vulnerable to Wi-Fi hacks.
A series of bugs, named AirBorne, allows hackers on the same Wi-Fi network to execute code on third-party AirPlay devices. This affects Apple products supporting AirPlay and millions of third-party devices like smart speakers and TVs.
AirBorne vulnerabilities impact over 2.35 billion active Apple devices and numerous IoT products. Attackers can remotely execute code without user interaction. Some vulnerabilities are "wormable", enabling automatic malware spread across vulnerable devices.
Technical attacks include exploiting AirPlay's authentication, manipulating property lists, and bypassing access controls. Successful exploits allow reading local files, extracting sensitive data, and performing man-in-the-middle attacks.
Public Wi-Fi networks are prime targets for AirBorne exploits. Compromised devices can be used for surveillance, ransomware distribution, or supply chain attacks. Over 800 car models with wireless CarPlay are vulnerable to proximity-based attacks, potentially allowing manipulation of infotainment systems.
Immediate installation of updates for Apple and AirPlay devices is crucial. Disabling AirPlay on unnecessary devices, restricting access, and implementing firewall rules to block port 7000 are recommended.