Primary

Context

Apple Multiple Products AirPlay Authentication Bypass Vulnerability

Vulnerability

Patched

An authentication bypass vulnerability has been identified in the AirPlay feature of several Apple products, including macOS Ventura 13.7.5, macOS Sequoia 15.4, and macOS Sonoma 14.7.5. This vulnerability allows an unauthenticated user on the same network as a signed-in Mac to send AirPlay commands without the need for pairing. The issue arises from inadequate access restrictions, which have been addressed in the latest updates.

Impact

Exploitation of this vulnerability could lead to unauthorized control of the AirPlay feature, allowing an attacker to send commands to a Mac without proper authentication.

Remediation

Users can update to macOS Ventura 13.7.5, macOS Sequoia 15.4, or macOS Sonoma 14.7.5 to address this vulnerability.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.7

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple Multiple Products AirPlay Authentication Bypass Vulnerability

Vulnerability

Impact

Remediation

Affected Products

Apple macOS Ventura

Apple iPadOS

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating