Skip to main content
A Singapore Government Agency Website How to identify
Official website links end with .gov.sg
Government agencies communicate via .gov.sg websites (e.g. go.gov.sg/open). Trusted websites
Secure websites use HTTPS
Look for a lock () or https:// as an added precaution. Share sensitive information only on official, secure websites.

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Call the 24/7 ScamShield Helpline at 1799 if you are unsure if something is a scam.

Cyber Security Agency of Singapore
Alerts

Multiple Vulnerabilities in Apple AirPlay Protocol and Software Development Kit

30 April 2025

Apple has released security updates addressing multiple vulnerabilities in their AirPlay Protocol and Software Development Kit (SDK). Users and administrators of affected products are advised to update to the latest versions immediately.

Apple has released security updates addressing multiple vulnerabilities (CVE-2025-24252, CVE-2025-24206 and CVE-2025-24132) in their AirPlay Protocol and Software Development Kit (SDK). 

The vulnerabilities are:

  • CVE-2025-24252: Successful exploitation of the use-after-free vulnerability could allow a remote attacker to execute arbitrary code. When exploited together with CVE-2025-24206, the attacker is able to perform zero-click remote code execution on other vulnerable AirPlay-enabled devices in the same network, without any user interaction. The vulnerability has a Common Vulnerability Scoring System (CVSSv3.1) score of 9.8 out of 10.

  • CVE-2025-24206: Successful exploitation of the vulnerability could allow an attacker to bypass authentication and conduct malicious activites without user interaction when exploited with other vulnerabilities.

  • CVE-2025-24132: Successful exploitation of the stack-based buffer overflow vulnerability could allow an attacker to perform zero-click remote code execution on vulnerable AirPlay SDK devices and potentially leak sensitive information by eavesdropping.

The vulnerabilities affect the following products:

CVE-2025-24252 and CVE-2025-24206:

  • iPhone XS and later

  • iPad Pro 13-inch

  • iPad Pro 12.9-inch 3rd generation and later

  • iPad Pro 11-inch 1st generation and later

  • iPad Air 3rd generation and later

  • iPad 7th generation and later

  • iPad mini 5th generation and later

  • iPad Pro 12.9-inch 2nd generation

  • iPad Pro 10.5-inch

  • iPad 6th generation

  • macOS Sequoia

  • macOS Sonoma

  • macOS Ventura

  • Apple TV HD and Apple TV 4K (all models)

  • Apple Vision Pro

CVE-2025-24132:

  • AirPlay audio SDK 2.7.1

  • AirPlay video SDK 3.6.0.126

  • CarPlay Communication Plug-in R18.1

Users and administrators of affected products are advised to update to the latest versions. The following mitigations are also encouraged:

  • Disable AirPlay receiver fully if not in use

  • Restrict AirPlay settings by changing "Allow AirPlay for" to "Current User" to reduce attack surface

Users are also advised to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://nvd.nist.gov/vuln/detail/CVE-2025-24252

https://www.oligo.security/blog/airborne

https://www.bleepingcomputer.com/news/security/apple-airborne-flaws-can-lead-to-zero-click-airplay-rce-attacks/


Back to top