{"vulnerability": "CVE-2025-24252", "sightings": [{"uuid": "6e19b312-be07-4989-a112-cc2a5a986855", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/undercode.bsky.social/post/3lo25jawmqk2q", "content": "", "creation_timestamp": "2025-04-30T15:49:57.564263Z"}, {"uuid": "7ea24205-c1b3-4192-9485-e7c57245519b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/securestep9.bsky.social/post/3lnxkjfrtlc2e", "content": "", "creation_timestamp": "2025-04-29T15:04:42.891564Z"}, {"uuid": "0dff6285-b839-43fc-ba92-1ce903c39ebe", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/114422273786358842", "content": "", "creation_timestamp": "2025-04-29T16:49:03.596503Z"}, {"uuid": "8adb4405-1e62-406d-9ff1-0d5d409891a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lnweue3snj2b", "content": "", "creation_timestamp": "2025-04-29T03:50:47.398882Z"}, {"uuid": "e5d59b68-9b29-4d9e-b32c-4285c9677952", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://infosec.exchange/users/vuldb/statuses/114419419343092595", "content": "", "creation_timestamp": "2025-04-29T04:43:04.829081Z"}, {"uuid": "0d3a97d6-fd02-49fc-8704-9ba41a87fb40", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/aimainainnu.bsky.social/post/3lo3lfw7xws2e", "content": "", "creation_timestamp": "2025-05-01T05:31:33.680396Z"}, {"uuid": "5eed1f50-116a-4b6a-959b-e62cc726af0a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/noodles.nz/post/3lnylskjxo22i", "content": "", "creation_timestamp": "2025-04-30T01:00:27.906096Z"}, {"uuid": "aa3efb31-e87f-4b96-b1e5-86139b4f3cdc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/pmloik.bsky.social/post/3lnypyps63f2q", "content": "", "creation_timestamp": "2025-04-30T02:15:24.641300Z"}, {"uuid": "2574f2d4-239f-4f16-9c7e-8143bdceacc0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/shiojiri.com/post/3lnyzttinjk24", "content": "", "creation_timestamp": "2025-04-30T05:11:44.007900Z"}, {"uuid": "a375e1e4-1de0-4ad0-965d-0ae8530b8a5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lo3wn322jc2r", "content": "", "creation_timestamp": "2025-05-01T08:52:15.933740Z"}, {"uuid": "ce2cd766-147b-4022-8cb1-7866de63ca09", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lo3wn5es4k2r", "content": "", "creation_timestamp": "2025-05-01T08:52:16.732608Z"}, {"uuid": "87fb9a68-5301-4dc9-97c8-81ae6e5386ab", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/basefortify.bsky.social/post/3lo3wn5et3s2r", "content": "", "creation_timestamp": "2025-05-01T08:52:17.499100Z"}, {"uuid": "cd260d5f-b348-46a6-95cf-f64468416629", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3loh7gm2e2k2p", "content": "", "creation_timestamp": "2025-05-05T20:28:43.359209Z"}, {"uuid": "b1a98743-80f0-4e5c-b7d9-f2a05e2466cb", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/twigsama.bsky.social/post/3lo73q46jy22d", "content": "", "creation_timestamp": "2025-05-02T15:01:20.117751Z"}, {"uuid": "7a11e421-85d9-4a4e-a9b2-50577cfefee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://bsky.app/profile/youranonriots.bsky.social/post/3loh7god37c2p", "content": "", "creation_timestamp": "2025-05-05T20:28:43.977863Z"}, {"uuid": "6a890009-b624-4dac-bf07-60f48cf446a9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "Telegram/3XjFdQnl9XelOVe1uN4E2a4frNC7kETFnR_z5QGqSWjIPjM", "content": "", "creation_timestamp": "2025-06-11T15:00:07.000000Z"}, {"uuid": "f7e8ca76-8715-4f9c-bccf-96d990a64890", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://infosec.exchange/users/DarkWebInformer/statuses/115392590127472527", "content": "", "creation_timestamp": "2025-10-18T01:33:13.051141Z"}, {"uuid": "cd316633-518f-4fa4-82d3-3757b012e066", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "Telegram/cecIoS46aM_lzFx0bKF1CERIzuoGO9AycvCYCjeLmGZFHs0", "content": "", "creation_timestamp": "2026-04-02T22:16:17.000000Z"}, {"uuid": "ef74593b-bdbd-4b66-8e11-dcc01dd56ce4", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "Telegram/HtlWPkPiQ_vvGfGgGspf86pXjCdMEq1pNHvPDVw1Ntc41Co", "content": "", "creation_timestamp": "2026-04-02T22:16:28.000000Z"}, {"uuid": "77bc0234-2e9c-49dd-bf2f-47c6524253e2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34683", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1apoc for CVE-2025-24252 & CVE-2025-24132\nURL\uff1ahttps://github.com/ekomsSavior/AirBorne-PoC\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-29T22:49:59.000000Z"}, {"uuid": "3223972a-1af7-44ee-bf88-57b7efaddbb3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/cIub1337/226", "content": "A critical set of vulnerabilities were uncovered in Apple\u2019s AirPlay protocol and its associated AirPlay Software Development Kit (SDK), which is used by third-party vendors to integrate AirPlay into third-party devices, collectively dubbed \u201cAirBorne.\u201d\n\nThe vulnerabilities enable an array of attack vectors and outcomes, including:\n- Zero-Click RCE\n- One-Click RCE\n- Access control list (ACL) and user interaction bypass\n- Local Arbitrary File Read\n- Sensitive information disclosure\n- Man-in-the-middle (MITM) attacks\n- Denial of service (DoS)\n\nNotably, two vulnerabilities\u2014CVE-2025-24252 and CVE-2025-24132\u2014can be exploited to execute wormable zero-click RCE attacks, allowing malware to spread across devices via wireless or peer-to-peer connections without user interaction. \ufffc\n\nApply available security updates and consider disabling #AirPlay features when not in use to mitigate potential exploitation.\n\n#AirBorne\n\nhttps://www.oligo.security/blog/airborne\n\nTelegram   \u2709\ufe0f @club1337\nX (Twitter) \ud83d\udd4a @club31337", "creation_timestamp": "2025-04-30T17:00:51.000000Z"}, {"uuid": "24cd754a-65ee-4147-9055-89695dfc3f1b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/40076", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aCVE-2025-24252\nURL\uff1ahttps://github.com/B1ack4sh/Blackash-CVE-2025-24252\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-06-11T10:30:56.000000Z"}, {"uuid": "6dda1634-0587-415a-8342-1c4f6be44a5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34681", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1apoc for CVE-2025-24252 & CVE-2025-24132\nURL\uff1ahttps://github.com/ekomsSavior/2-PoCs-1-repository\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-29T22:33:24.000000Z"}, {"uuid": "80de365f-27c1-46e8-883d-cea29a62eee1", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/34679", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1apoc for CVE-2025-24252 & CVE-2025-24132\nURL\uff1ahttps://github.com/ekomsSavior/2-poc-s-1-repository\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-04-29T22:16:51.000000Z"}, {"uuid": "24d82919-1e1b-4b1c-89c5-7ccd17d8373e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "https://t.me/GithubRedTeam/36333", "content": "GitHub\u76d1\u63a7\u6d88\u606f\u63d0\u9192\uff01\uff01\uff01 \n\n\u66f4\u65b0\u4e86\uff1aCVE-2025\n\u63cf\u8ff0\uff1aiOS Airborne vulnerabilities log artifact extractor from LogArchive CVE-2025-24252\nURL\uff1ahttps://github.com/cakescats/airborn-IOS-CVE-2025-24252\n\n\u6807\u7b7e\uff1a#CVE-2025", "creation_timestamp": "2025-05-11T00:52:07.000000Z"}, {"uuid": "464731aa-9475-4683-b4ae-04068aca0c33", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "published-proof-of-concept", "source": "Telegram/O3NuM9Mq4SCXqBgDe5Z0H8KyVT7NeMwDEztuFj2IIEQAA90", "content": "", "creation_timestamp": "2025-05-12T11:00:06.000000Z"}, {"uuid": "969ab8c9-e61d-4347-8886-056eb9bce4b3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "seen", "source": "https://t.me/cvedetector/23972", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-24252 - Apple macOS Use-After-Free Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-24252 \nPublished : April 29, 2025, 3:15 a.m. | 58\u00a0minutes ago \nDescription : A use-after-free issue was addressed with improved memory management. This issue is fixed in macOS Sequoia 15.4, tvOS 18.4, macOS Ventura 13.7.5, iPadOS 17.7.6, macOS Sonoma 14.7.5, iOS 18.4 and iPadOS 18.4, visionOS 2.4. An attacker on the local network may be able to corrupt process memory. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"29 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-29T06:47:51.000000Z"}, {"uuid": "b949fd83-1877-40bb-b002-786681ce17b0", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "exploited", "source": "https://t.me/true_secator/7001", "content": "\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Oligo Security \u0440\u0430\u0441\u043a\u0440\u044b\u043b\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438 \u0432 \u043f\u0440\u043e\u0442\u043e\u043a\u043e\u043b\u0435 AirPlay \u0438 SDK, \u0432 \u0441\u043e\u0432\u043e\u043a\u0443\u043f\u043d\u043e\u0441\u0442\u0438 \u043d\u0430\u0437\u0432\u0430\u043d\u043d\u044b\u0435 AirBorne, \u043a\u043e\u0442\u043e\u0440\u044b\u0435 \u043f\u043e\u0434\u0432\u0435\u0440\u0433\u0430\u044e\u0442 Zero-click RCE, MITM \u0438 DoS \u0430\u0442\u0430\u043a\u0430\u043c \u043d\u0435\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 Apple \u0438 \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u0434\u0438\u0442\u0435\u043b\u0435\u0439.\n\n\u041a\u0440\u043e\u043c\u0435 \u0442\u043e\u0433\u043e, \u043e\u0448\u0438\u0431\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0437\u0430\u0434\u0435\u0439\u0441\u0442\u0432\u043e\u0432\u0430\u043d\u044b \u0434\u043b\u044f \u043e\u0431\u0445\u043e\u0434\u0430 \u0441\u043f\u0438\u0441\u043a\u043e\u0432 \u043a\u043e\u043d\u0442\u0440\u043e\u043b\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 (ACL), \u043f\u043e\u043b\u0443\u0447\u0435\u043d\u0438\u044f \u0434\u043e\u0441\u0442\u0443\u043f\u0430 \u043a \u043a\u043e\u043d\u0444\u0438\u0434\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e\u0439 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u0438 \u0438 \u043f\u0440\u043e\u0438\u0437\u0432\u043e\u043b\u044c\u043d\u044b\u043c \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u044b\u043c \u0444\u0430\u0439\u043b\u0430\u043c.\n\n\u0412 \u043e\u0431\u0449\u0435\u0439 \u0441\u043b\u043e\u0436\u043d\u043e\u0441\u0442\u0438 Oligo \u043e\u0431\u043d\u0430\u0440\u0443\u0436\u0438\u043b\u0430 23 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0438, \u043e \u0447\u0435\u043c \u0443\u0432\u0435\u0434\u043e\u043c\u0438\u043b\u0430 Apple, \u043a\u043e\u0442\u043e\u0440\u0430\u044f 31 \u043c\u0430\u0440\u0442\u0430 \u0432\u044b\u043f\u0443\u0441\u0442\u0438\u043b\u0430 \u043e\u0431\u043d\u043e\u0432\u043b\u0435\u043d\u0438\u044f \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u044f \u044d\u0442\u0438\u0445 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u0432 iPhone \u0438 iPad (iOS 18.4 \u0438 iPadOS 18.4), Mac (macOS Ventura 13.7.5, macOS Sonoma 14.7.5 \u0438 macOS Sequoia 15.4) \u0438 Vision Pro (visionOS 2.4).\n\n\u041a\u043e\u043c\u043f\u0430\u043d\u0438\u044f \u0442\u0430\u043a\u0436\u0435 \u0432\u043d\u0435\u0441\u043b\u0430 \u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0438\u044f \u0432 AirPlay audio SDK, AirPlay video SDK \u0438 CarPlay Communication Plug-in.\n\n\u0412\u0441\u0435\u0433\u043e \u0431\u044b\u043b\u043e \u0432\u044b\u043f\u0443\u0449\u0435\u043d\u043e 17 \u0438\u0434\u0435\u043d\u0442\u0438\u0444\u0438\u043a\u0430\u0442\u043e\u0440\u043e\u0432 CVE \u0434\u043b\u044f \u0432\u044b\u044f\u0432\u043b\u0435\u043d\u043d\u044b\u0445 \u043f\u0440\u043e\u0431\u043b\u0435\u043c, \u0438 Apple \u0441\u043e\u0432\u043c\u0435\u0441\u0442\u043d\u043e \u0441 Oligo \u0440\u0430\u0431\u043e\u0442\u0430\u043b\u0430 \u043d\u0430\u0434 \u0438\u0445 \u0443\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435\u043c \u0432 \u043f\u043e\u0441\u043b\u0435\u0434\u043d\u0438\u0445 \u0432\u044b\u043f\u0443\u0441\u043a\u0430\u0445 iOS, iPadOS \u0438 macOS.\u00a0\n\n\u041d\u0435\u0441\u043c\u043e\u0442\u0440\u044f \u043d\u0430 \u0442\u043e, \u0447\u0442\u043e AirBorne \u043c\u043e\u0433\u0443\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u044b \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c\u0438 \u0442\u043e\u043b\u044c\u043a\u043e \u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438 \u0447\u0435\u0440\u0435\u0437 \u0431\u0435\u0441\u043f\u0440\u043e\u0432\u043e\u0434\u043d\u044b\u0435 \u0438\u043b\u0438 \u043e\u0434\u043d\u043e\u0440\u0430\u043d\u0433\u043e\u0432\u044b\u0435 \u0441\u043e\u0435\u0434\u0438\u043d\u0435\u043d\u0438\u044f, \u043e\u043d\u0438 \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u044b\u0432\u0430\u0442\u044c \u0443\u044f\u0437\u0432\u0438\u043c\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0438 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u044c \u0434\u043e\u0441\u0442\u0443\u043f \u0432 \u043a\u0430\u0447\u0435\u0441\u0442\u0432\u0435 \u0441\u0442\u0430\u0440\u0442\u043e\u0432\u043e\u0439 \u043f\u043b\u043e\u0449\u0430\u0434\u043a\u0438 \u0434\u043b\u044f \u0432\u0437\u043b\u043e\u043c\u0430 \u0434\u0440\u0443\u0433\u0438\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 AirPlay (\u0432 \u0442\u043e\u0439 \u0436\u0435 \u0441\u0435\u0442\u0438).\n\n\u0418\u0441\u0441\u043b\u0435\u0434\u043e\u0432\u0430\u0442\u0435\u043b\u0438 Oligo \u0441\u043c\u043e\u0433\u043b\u0438 \u043f\u0440\u043e\u0434\u0435\u043c\u043e\u043d\u0441\u0442\u0440\u0438\u0440\u043e\u0432\u0430\u0442\u044c, \u043a\u0430\u043a \u0438\u043c\u0435\u043d\u043d\u043e \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0438 \u043c\u043e\u0433\u0443\u0442 \u0440\u0435\u0430\u043b\u0438\u0437\u043e\u0432\u0430\u0442\u044c CVE-2025-24252 \u0438 CVE-2025-24132 \u0434\u043b\u044f RCE \u0441 \u0432\u043e\u0437\u043c\u043e\u0436\u043d\u043e\u0441\u0442\u044c\u044e \u0447\u0435\u0440\u0432\u044f.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c CVE-2025-24206 (\u043e\u0431\u0445\u043e\u0434 \u0432\u0437\u0430\u0438\u043c\u043e\u0434\u0435\u0439\u0441\u0442\u0432\u0438\u044f \u0441 \u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u0442\u0435\u043b\u0435\u043c) \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u0435\u0442 \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0443 \u043e\u0431\u0445\u043e\u0434\u0438\u0442\u044c \u0442\u0440\u0435\u0431\u043e\u0432\u0430\u043d\u0438\u044f \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043d\u043e\u043f\u043a\u0438 \u00ab\u043f\u0440\u0438\u043d\u044f\u0442\u044c\u00bb \u0432 \u0437\u0430\u043f\u0440\u043e\u0441\u0430\u0445 AirPlay \u0438 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u043e\u0431\u044a\u0435\u0434\u0438\u043d\u0435\u043d\u0430 \u0441 \u0434\u0440\u0443\u0433\u0438\u043c\u0438 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044f\u043c\u0438 \u0434\u043b\u044f \u0437\u0430\u043f\u0443\u0441\u043a\u0430 \u0430\u0442\u0430\u043a \u0431\u0435\u0437 \u043d\u0430\u0436\u0430\u0442\u0438\u044f \u043a\u043d\u043e\u043f\u043a\u0438.\n\n\u0417\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a \u043f\u043e\u0442\u0435\u043d\u0446\u0438\u0430\u043b\u044c\u043d\u043e \u043c\u043e\u0436\u0435\u0442 \u0437\u0430\u0445\u0432\u0430\u0442\u0438\u0442\u044c \u043e\u043f\u0440\u0435\u0434\u0435\u043b\u0435\u043d\u043d\u044b\u0435 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 AirPlay \u0438 \u0432\u044b\u043f\u043e\u043b\u043d\u0438\u0442\u044c \u0440\u0430\u0437\u0432\u0435\u0440\u0442\u044b\u0432\u0430\u043d\u0438\u0435 \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u043e\u0433\u043e \u041f\u041e, \u043a\u043e\u0442\u043e\u0440\u043e\u0435 \u043c\u043e\u0436\u0435\u0442 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u044f\u0442\u044c\u0441\u044f \u043d\u0430 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432\u0430 \u0432 \u043b\u044e\u0431\u043e\u0439 \u043b\u043e\u043a\u0430\u043b\u044c\u043d\u043e\u0439 \u0441\u0435\u0442\u0438, \u043a \u043a\u043e\u0442\u043e\u0440\u043e\u0439 \u043f\u043e\u0434\u043a\u043b\u044e\u0447\u0430\u0435\u0442\u0441\u044f \u0437\u0430\u0440\u0430\u0436\u0435\u043d\u043d\u043e\u0435.\n\n\u042d\u0442\u043e \u043c\u043e\u0436\u0435\u0442 \u043f\u0440\u0438\u0432\u0435\u0441\u0442\u0438 \u043a \u043e\u0441\u0443\u0449\u0435\u0441\u0442\u0432\u043b\u0435\u043d\u0438\u044e \u0434\u0440\u0443\u0433\u0438\u0445 \u0441\u043b\u043e\u0436\u043d\u044b\u0445 \u0430\u0442\u0430\u043a, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u044b\u0445 \u0441 \u043a\u0438\u0431\u0435\u0440\u0448\u043f\u0438\u043e\u043d\u0430\u0436\u0435\u043c, ransomware, \u0430\u0442\u0430\u043a\u0430\u043c\u0438 \u043d\u0430 \u0446\u0435\u043f\u043e\u0447\u043a\u0438 \u043f\u043e\u0441\u0442\u0430\u0432\u043e\u043a \u0438 \u0434\u0440.\n\nCVE-2025-24271, \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c ACL, \u043f\u043e\u0437\u0432\u043e\u043b\u044f\u044e\u0449\u0430\u044f \u043d\u0435\u0430\u0443\u0442\u0435\u043d\u0442\u0438\u0444\u0438\u0446\u0438\u0440\u043e\u0432\u0430\u043d\u043d\u044b\u043c \u0437\u043b\u043e\u0443\u043c\u044b\u0448\u043b\u0435\u043d\u043d\u0438\u043a\u0430\u043c \u043e\u0442\u043f\u0440\u0430\u0432\u043b\u044f\u0442\u044c \u043a\u043e\u043c\u0430\u043d\u0434\u044b AirPlay \u0431\u0435\u0437 \u0441\u043e\u043f\u0440\u044f\u0436\u0435\u043d\u0438\u044f, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0441\u0432\u044f\u0437\u0430\u043d\u0430 \u0441 CVE-2025-24137 (\u0438\u0441\u043f\u0440\u0430\u0432\u043b\u0435\u043d\u0430 \u0432 \u044f\u043d\u0432\u0430\u0440\u0435 2025 \u0433\u043e\u0434\u0430) \u0434\u043b\u044f RCE \u0432 \u043e\u0434\u0438\u043d \u043a\u043b\u0438\u043a.\n\n\u0423\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u044c CVE-2025-24132, \u0441\u0432\u044f\u0437\u0430\u043d\u043d\u0430\u044f \u0441 \u043f\u0435\u0440\u0435\u043f\u043e\u043b\u043d\u0435\u043d\u0438\u0435\u043c \u0431\u0443\u0444\u0435\u0440\u0430 \u0432 \u0441\u0442\u0435\u043a\u0435, \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f RCE \u0431\u0435\u0437 \u0449\u0435\u043b\u0447\u043a\u0430 \u043d\u0430 \u0434\u0438\u043d\u0430\u043c\u0438\u043a\u0430\u0445 \u0438 \u0440\u0435\u0441\u0438\u0432\u0435\u0440\u0430\u0445 \u0441 \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0438\u0435\u043c AirPlay SDK, \u043d\u0435\u0437\u0430\u0432\u0438\u0441\u0438\u043c\u043e \u043e\u0442 \u0438\u0445 \u043a\u043e\u043d\u0444\u0438\u0433\u0443\u0440\u0430\u0446\u0438\u0438, \u0430 \u0442\u0430\u043a\u0436\u0435 \u043c\u043e\u0436\u0435\u0442 \u0431\u044b\u0442\u044c \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u043e\u0432\u0430\u043d\u0430 \u0434\u043b\u044f \u0441\u043e\u0437\u0434\u0430\u043d\u0438\u044f \u0432\u0440\u0435\u0434\u043e\u043d\u043e\u0441\u043d\u044b\u0445 \u043f\u0440\u043e\u0433\u0440\u0430\u043c\u043c-\u0447\u0435\u0440\u0432\u0435\u0439.\n\n\u041f\u043e\u0441\u043a\u043e\u043b\u044c\u043a\u0443 AirPlay \u044f\u0432\u043b\u044f\u0435\u0442\u0441\u044f \u043e\u0441\u043d\u043e\u0432\u043e\u043f\u043e\u043b\u0430\u0433\u0430\u044e\u0449\u0438\u043c \u041f\u041e \u0434\u043b\u044f \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 Apple (Mac, iPhone, iPad, AppleTV \u0438 \u0442.\u0434.), \u0430 \u0442\u0430\u043a\u0436\u0435 \u0434\u043b\u044f \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0434\u0435\u0432\u0430\u0439\u0441\u043e\u0432, \u0438\u0441\u043f\u043e\u043b\u044c\u0437\u0443\u044e\u0449\u0438\u0445 AirPlay SDK, \u044d\u0442\u043e\u0442 \u043a\u043b\u0430\u0441\u0441 \u0443\u044f\u0437\u0432\u0438\u043c\u043e\u0441\u0442\u0435\u0439 \u043c\u043e\u0436\u0435\u0442 \u0438\u043c\u0435\u0442\u044c \u0434\u0430\u043b\u0435\u043a\u043e \u0438\u0434\u0443\u0449\u0438\u0435 \u043f\u043e\u0441\u043b\u0435\u0434\u0441\u0442\u0432\u0438\u044f, \u043e\u0441\u043e\u0431\u0435\u043d\u043d\u043e \u0435\u0441\u043b\u0438 \u0443\u0447\u0435\u0441\u0442\u044c \u0438\u0445 \u0448\u0438\u0440\u043e\u043a\u043e\u0435 \u0440\u0430\u0441\u043f\u0440\u043e\u0441\u0442\u0440\u0430\u043d\u0435\u043d\u0438\u0435.\n\n\u041f\u0440\u0438 \u044d\u0442\u043e\u043c \u043f\u043e \u0434\u0430\u043d\u043d\u044b\u043c Apple, \u0432 \u043c\u0438\u0440\u0435 \u043f\u0440\u0435\u0434\u0441\u0442\u0430\u0432\u043b\u0435\u043d\u043e \u0431\u043e\u043b\u0435\u0435 2,35 \u043c\u043b\u0440\u0434. \u0430\u043a\u0442\u0438\u0432\u043d\u044b\u0445 \u044f\u0431\u043b\u043e\u0447\u043d\u044b\u0445 \u0443\u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432, \u0430 \u043f\u043e \u043e\u0446\u0435\u043d\u043a\u0430\u043c Oligo - \u0442\u0430\u043a\u0436\u0435 \u0434\u0435\u0441\u044f\u0442\u043a\u0438 \u043c\u043b\u043d. \u0441\u0442\u043e\u0440\u043e\u043d\u043d\u0438\u0445 \u0441\u0442\u0440\u043e\u0439\u0441\u0442\u0432 \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 AirPlay, \u043d\u0435 \u0441\u0447\u0438\u0442\u0430\u044f \u0430\u0432\u0442\u043e\u043c\u043e\u0431\u0438\u043b\u044c\u043d\u044b\u0445 \u0438\u043d\u0444\u043e\u0440\u043c\u0430\u0446\u0438\u043e\u043d\u043d\u043e-\u0440\u0430\u0437\u0432\u043b\u0435\u043a\u0430\u0442\u0435\u043b\u044c\u043d\u044b\u0445 \u0441\u0438\u0441\u0442\u0435\u043c \u0441 \u043f\u043e\u0434\u0434\u0435\u0440\u0436\u043a\u043e\u0439 CarPlay.", "creation_timestamp": "2025-04-30T14:51:28.000000Z"}, {"uuid": "e7eacc4f-b187-4578-afb7-0abc3ba5e7a8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-24252", "type": "exploited", "source": "https://t.me/thehackernews/6773", "content": "\ud83d\udea8 Zero-click. Wormable. Network-spreading.\n\nNew flaws in Apple\u2019s AirPlay protocol (\ud83d\udd13 AirBorne) could let hackers hijack your device without a click\u2014then ride your Wi-Fi into corporate networks.\n\nCVE-2025-24252 + CVE-2025-24132 = silent RCE across Macs, TVs, speakers. Just being on the same Wi-Fi can be enough.\n\n\ud83d\udd17 Learn more: https://thehackernews.com/2025/05/wormable-airplay-flaws-enable-zero.html\n\n\ud83d\udcf2 Update all AirPlay-enabled devices now\u2014personal & work.", "creation_timestamp": "2025-05-05T19:07:46.000000Z"}]}