Overview

• Cybersecurity firm Oligo disclosed 23 vulnerabilities in Apple's AirPlay protocol and SDK, collectively termed 'AirBorne,' enabling remote code execution, denial-of-service attacks, and more.
• Apple has patched its own devices and released updates for third-party manufacturers, but many third-party AirPlay-enabled devices remain unpatched, potentially for years.
• Certain 'wormable' vulnerabilities can spread malware across local networks, posing risks to homes, offices, and public Wi-Fi environments.
• Exploitation requires attackers to be on the same Wi-Fi network, but public networks and poorly secured routers increase the attack surface.
• Oligo warns unpatched devices could enable espionage, ransomware, and botnet creation, urging users and organizations to update firmware and restrict AirPlay settings.