Serious gaps in AirPlay: Apple patches, other devices probably still vulnerable
Vulnerabilities allow AirPlay devices to be taken over, warn security researchers. There are patches for iPhones & Co, but it gets tricky with other hardware.
Apple users should immediately check whether their AirPlay-enabled devices are up to date with the latest software. On Tuesday, security researchers provided the first details of several serious vulnerabilities in the AirPlay protocol. These vulnerabilities, called "AirBorne", can allow attackers to compromise AirPlay-enabled devices – if they are on the same Wi-Fi network, as the security firm Oligo warns. Updates for Apple devices such as iPhones, iPads and Macs have been available since the end of January to close the gaps. According to the manufacturer, these have been fixed as of iOS 18.3 and macOS 15.3, and Apple has also released patches for older operating systems and devices in parallel.
Updates for iOS and macOS are already available
On Apple devices, the AirPlay vulnerabilities could only be exploited if users have changed the default settings, the company emphasized to Wired magazine. Apple did not provide further details; presumably this refers to changes under "Settings > General > AirPlay & Integration". Users who have enabled their device as an AirPlay receiver should check whether this is restricted to their own Apple account ("Allow AirPlay for: Current user account") and is not enabled "for everyone".
While iPhones & Co are easy to patch and many users install Apple updates quickly, other AirPlay devices remain a problem. The number of AirPlay-enabled devices from various manufacturers, including speakers and televisions, is probably in the tens of millions, according to the security researchers. It may take years before everything is patched – and some hardware will probably remain vulnerable. As long as an attacker manages to get onto the respective Wi-Fi network, they could take over such AirPlay devices and, for example, use them for further attacks. As microphones are sometimes also integrated into such accessories, eavesdropping attacks are at least conceivable.
Specifically, the security researchers demonstrated an attack on an AirPlay-enabled Bose speaker: an AirBorne image replaced the Bose logo. Apple emphasized to Wired that there is usually only limited user data on smart home devices that could be affected.
Patches for Apple's AirPlay SDK
Apple has also provided a patch for its AirPlay SDK – as well as for CarPlay. According to Oligo, the infotainment system in the car can also be attacked via the gaps, but the attacker must first connect to the on-board system. Other manufacturers must now integrate the patches as well, and users must ultimately remember to update their speakers and other networked AirPlay devices.
(lbe)