AirPlay Flaws Could Allow Hackers to Spread Malware Across Local Networks, Oligo Warns

Cybersecurity firm Oligo has discovered a set of vulnerabilities in Apple's AirPlay protocol and software development kit that could allow hackers to spread malware across local networks. These vulnerabilities, which Oligo refers to collectively as "AirBorne," include two "wormable" bugs that could enable attackers to take over an AirPlay device and propagate malware to any other device on the same network. To exploit these vulnerabilities, an attacker would need to have access to the same local network as the target device. The potential consequences of an AirBorne attack are severe. Hackers could remotely execute code on connected devices, access local files and sensitive information, and even carry out denial-of-service attacks, effectively shutting down the affected device. Additionally, attackers could display unauthorized images on smart speakers or other AirPlay-enabled displays, as shown in a demonstration involving a Bose speaker. They might also gain access to the microphone on these devices, allowing them to eavesdrop on nearby conversations. Apple has addressed these issues by releasing patches for the vulnerabilities. However, the risk remains for non-Apple-made AirPlay devices, which are prevalent in the market. While the likelihood of a hacker infiltrating a home network is relatively low, the threat is higher in public networks. For example, connecting a MacBook or an iPhone to a public Wi-Fi network could expose these devices to AirBorne attacks if they are not updated with the latest Apple software. The vulnerabilities extend beyond home devices to include CarPlay systems. Oligo found that under certain conditions, such as connecting to a car’s Wi-Fi hotspot with a default, predictable, or known password, attackers could execute remote code execution (RCE) attacks. This would give them the ability to display unauthorized content on the car's infotainment system or track the vehicle's location. Oligo highlights the widespread use of AirPlay, noting that there are tens of millions of third-party AirPlay devices available, ranging from standalone speakers to home theater systems and televisions. Similarly, CarPlay is integrated into over 800 vehicle models. Despite Apple creating patches for affected third-party devices, the cybersecurity firm points out that Apple does not have direct control over the patching process for these non-Apple products. When contacted by The Verge for a comment, Apple did not immediately respond. Cybersecurity experts emphasize the importance of keeping all devices, both Apple and third-party, up-to-date with the latest software to mitigate the risk of AirBorne attacks. This includes regularly updating the software on your car's CarPlay system and changing default passwords for Wi-Fi hotspots. In summary, while Apple has taken steps to address the AirBorne vulnerabilities, users should remain vigilant and ensure their devices are fully patched to prevent potential security breaches.