CVE-2025-24271

Name of the Vulnerable Software and Affected Versions Apple macOS versions prior to 15.4 Apple tvOS versions prior to 18.4 Apple macOS Ventura versions prior to 13.7.5 Apple iPadOS versions prior to 17.7.6 Apple macOS Sonoma versions prior to 14.7.5 Apple iOS versions prior to 18.4 Apple visionOS versions prior to 2.4

Description An access control issue was identified within the AirPlay Handler component of Apple operating systems. This issue allows an unauthenticated user on the same network as a signed-in device to send AirPlay commands without proper pairing. The issue impacts the confidentiality and integrity of the affected systems. Reports indicate that this issue has been actively exploited, potentially enabling unauthorized access and control. The vulnerability allows for unauthenticated command execution due to an Access Control List bypass.

Recommendations Update macOS to version 15.4 or later. Update tvOS to version 18.4 or later. Update macOS Ventura to version 13.7.5 or later. Update iPadOS to version 17.7.6 or later. Update macOS Sonoma to version 14.7.5 or later. Update iOS to version 18.4 or later. Update visionOS to version 2.4 or later.