AirPlay security flaws could help hackers spread malware on your network
1 min read
Summary
Security firm Oligo has identified a series of software flaws in AirPlay that could allow hackers to take control of such devices and spread malware to other devices on the same network.
The company has dubbed the vulnerabilities and attacks “AirBorne” and said two of the bugs are “wormable”, meaning they can spread autonomously.
Oligo pointed out that an attacker could take several actions, including showing images on a smart speaker’s display, using its microphone to listen to private conversations, and remotely executing code on devices (known as RCE).
Apple has issued patches for the flaws, but there are still risks from non-Apple devices using AirPlay that aren’t updated with the latest software.
The vulnerabilities also extend to in-car systems, with Oligo noting an attacker could take control of a CarPlay device in specific situations and carry out an RCE attack.