Oligo researchers discovered vulnerabilities in various AirPlay-enabled devices that could turn them into listening devices. While they warned Apple, leading to security updates, the risks are limited as attackers must be on the same Wi-Fi network. The findings also impact CarPlay systems, allowing potential hijacking of vehicles' head units via Bluetooth or USB. However, exploitation requires close-range access, which mitigates the overall threat level and limits user data access on devices like TVs and speakers.
Many vulnerable devices have microphones, making them potential listening devices for espionage, although proof-of-concept malware was not created by researchers.
Researchers at Oligo notified Apple about the AirBorne vulnerabilities in late fall and winter, leading to collaborative security updates and patches.
Apple reiterated limitations to the AirPlay exploits, stating that attackers must be on the same Wi-Fi network, thus restricting potential attacks.
The AirBorne vulnerabilities affecting CarPlay could allow hijacking of automotive computers, but require a specific pairing, limiting the risk of vehicle hacking.
Collection
[
|
...
]