Wormable AirPlay Zero-Click RCE Flaw Allows Remote Device Hijack via Wi-Fi

A major set of vulnerabilities-collectively named “AirBorne”-in Apple’s AirPlay protocol and SDK have been unveiled, enabling an array of severe attack vectors.

Most critically, these flaws allow zero-click “wormable” Remote Code Execution (RCE), meaning attackers can take over Apple and third-party devices via Wi-Fi without any user interaction.

The impact spans billions of devices globally, including Macs, iPhones, iPads, Apple TV, CarPlay systems, and third-party AirPlay-enabled speakers.

The Airborne Threat

Airborne exposes devices to attacks that can cascade rapidly across networks. The vulnerabilities make it possible for a remote attacker to:

• Hijack devices without any user action (zero-click RCE)
• Deploy self-propagating malware (“wormable” exploits)
• Eavesdrop on conversations via device microphones
• Exfiltrate sensitive information
• Launch further attacks, including ransomware and supply-chain intrusions

The technical heart of the threat is the ability for attackers to bypass authentication, execute arbitrary code, and spread automatically to other vulnerable devices on the same ...