Overview

Many people are reaching out to our team regarding the vulnerabilities disclosed by Apple today, which reference Oligo Security. In order to protect users worldwide, we will not share further details on the vulnerabilities at this time.

On January 27, 2025, Apple released security updates for macOS, iPhone (iOS), iPadOS, Apple Watch, Apple TV, and Apple Vision Pro. Of these, 5 vulnerabilities in AirPlay were reported by Oligo Security. A list of the vulnerabilities is below.

AirPlay is Apple's proprietary protocol for wireless communication between compatible devices from Apple and other vendors. AirPlay supports streaming of audio, video, and photos, as well as full-screen mirroring, along with associated metadata.

At the end of 2024, the Oligo research team discovered multiple vulnerabilities in the AirPlay protocol that could lead to Denial of Service (DoS) and Remote Code Execution (RCE) attacks on devices that use AirPlay. These vulnerabilities could potentially allow an attacker to fully take control of the affected device and/or repeatedly crash the AirPlay service on the device to cause a denial of service.

We are following a responsible disclosure process with Apple. In order to keep users safe, we will share our in-depth technical details on these vulnerabilities at a later date.

If you would like to be notified when the technical blog is released, please subscribe to our blog.

Vulnerabilities uncovered by Oligo

CVE-2025-24126

Impact: An attacker on the local network may be able to cause unexpected system termination or corrupt process memory
Description: An input validation issue was addressed.

CVE-2025-24129

Impact: A remote attacker may cause an unexpected app termination
Description: A type confusion issue was addressed with improved checks.

CVE-2025-24131

Impact: An attacker in a privileged position may be able to perform a denial-of-service
Description: The issue was addressed with improved memory handling.

CVE-2025-24177

Impact: A remote attacker may be able to cause a denial-of-service
Description: A null pointer dereference was addressed with improved input validation.

CVE-2025-24137

Impact: A remote attacker may cause an unexpected application termination or arbitrary code execution
Description: A type confusion issue was addressed with improved checks.

Our suggested remediation steps

  • Update devices: Users are advised to update their devices to mitigate potential security risks.
  • Disable AirPlay Receiver: We recommend fully disabling the AirPlay receiver if it is not in use. The AirPlay Receiver can be turned off in the system settings.
  • Restrict AirPlay Access: Create firewall rules to limit AirPlay communication (port 7000 on Apple devices) to only trusted devices, reducing network exposure.
  • Restrict AirPlay Settings: Change “Allow AirPlay for” to “Current User”. While this does not prevent all of the issues mentioned in the report, it does reduce the protocol attack surface.
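The following is an added example of the firewall restriction suggested above; it is not code from Oligo or from Apple. It generates rules for pf, the packet filter built into macOS, that deny inbound connections to the AirPlay receiver port named in this post (TCP 7000) except from an allow-list of trusted hosts. The interface name `en0`, the anchor name `airplay`, the anchor file path and the sample addresses are assumptions chosen for illustration, and the rules cover only the port this post names.

```shell
#!/bin/sh
# Added example (not from the Oligo advisory or Apple): build a pf rule set that
# admits inbound AirPlay receiver traffic on TCP 7000 only from trusted hosts.
# Assumed values: interface "en0", anchor "airplay", /etc/pf.anchors/airplay,
# and the 192.168.1.x addresses used in the preview below.

# valid_host ADDR: accept only dotted-quad IPv4, optionally with a /prefix,
# so a malformed allow-list entry cannot turn into an unintended pf rule.
valid_host() {
    printf '%s\n' "$1" | grep -Eq '^[0-9]{1,3}(\.[0-9]{1,3}){3}(/[0-9]{1,2})?$'
}

# gen_airplay_rules IFACE TRUSTED_ADDR...
# Prints pf rules to stdout. pf evaluates rules top to bottom and, without
# "quick", the LAST matching rule wins: the default block is emitted first and
# the per-host pass rules after it override it for trusted sources only.
# Returns 1 (and prints nothing further) if an address fails validation.
gen_airplay_rules() {
    iface="$1"
    shift
    for host in "$@"; do
        valid_host "$host" || { echo "rejected address: $host" >&2; return 1; }
    done
    printf '# AirPlay receiver (TCP 7000): default deny, allow-list trusted hosts\n'
    printf 'block in log on %s proto tcp from any to any port 7000\n' "$iface"
    for host in "$@"; do
        printf 'pass in on %s proto tcp from %s to any port 7000 flags S/SA keep state\n' \
            "$iface" "$host"
    done
}

# apply_airplay_rules IFACE TRUSTED_ADDR...
# Writes the rules to an anchor file and loads them into the "airplay" anchor.
# Requires root and an 'anchor "airplay"' line in /etc/pf.conf; not run here.
apply_airplay_rules() {
    gen_airplay_rules "$@" > /etc/pf.anchors/airplay || return 1
    pfctl -a airplay -f /etc/pf.anchors/airplay
}

# Preview only (no privileges needed), using constructed sample addresses:
gen_airplay_rules en0 192.168.1.10 192.168.1.11
```

Because the block rule carries `log`, rejected connection attempts to port 7000 appear on the `pflog0` interface, which gives a simple detection signal for unexpected AirPlay traffic from untrusted hosts. Review the generated rules with `pfctl -a airplay -s rules` before relying on them.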

When any new vulnerabilities come to light, it is mission critical for users and organizations alike to promptly update their devices and follow guidance from their security teams to minimize risk. This is especially pivotal for vulnerabilities that could allow for denial of service and RCE attacks to take place.

Oligo researchers specialize in uncovering application vulnerabilities, and have an established track record of finding critical vulnerabilities in AI models, Web Applications, and other modern applications that power businesses around the world.

We would like to thank Apple for promptly addressing these issues.
