Security Advisory: 2025-0001

Advisory ID: SSA-2025-0001
Severity: High
Issue Date: 2025-06-10
CVE(s): CVE-2025-24132, CVE-2025-30422

Synopsis: Recent firmware updates address security vulnerabilities in the AirPlay implementation (CVE-2025-24132, CVE-2025-30422).

1. Impacted Products

  • All Sonos AirPlay-enabled devices.
  • Affected versions: All releases prior to Sonos Systems release v17.1 (build 85.0-65270) and Sonos S1 System release v11.15.3 (build 57.22-65130).
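
An inventory check against the two fixed builds listed above, as an added example that is not Sonos code. It assumes each device's release line (S1 or S2) and build string have already been collected by some other means, and that builds order numerically as major, minor, build number; the device names and every build other than the two fixed builds are constructed.

```python
import re

# Fixed builds quoted in the advisory, keyed by release line.
FIXED_BUILDS = {
    "S2": "85.0-65270",   # Sonos Systems release v17.1
    "S1": "57.22-65130",  # Sonos S1 System release v11.15.3
}

_BUILD_RE = re.compile(r"^(\d+)\.(\d+)-(\d+)$")


def parse_build(build):
    """Split 'major.minor-number' into a tuple of ints; None if malformed."""
    m = _BUILD_RE.match(build.strip())
    return tuple(int(p) for p in m.groups()) if m else None


def classify(line, build):
    """Return 'patched', 'vulnerable' or 'unknown' for one device."""
    fixed = FIXED_BUILDS.get(line)
    parsed = parse_build(build)
    if fixed is None or parsed is None:
        return "unknown"  # never report an unparsed device as patched
    # Integer tuples, so 57.9 sorts below 57.22 (a string compare would not).
    return "patched" if parsed >= parse_build(fixed) else "vulnerable"


def audit(inventory):
    """Map device name -> status for every device that is not patched."""
    results = {}
    for name, line, build in inventory:
        status = classify(line, build)
        if status != "patched":
            results[name] = status
    return results


# Constructed inventory (assumed shape: name, release line, build string).
SAMPLE_INVENTORY = [
    ("kitchen", "S2", "85.0-65270"),
    ("office", "S2", "83.1-61240"),
    ("den", "S1", "57.22-65130"),
    ("garage", "S1", "57.19-53080"),
    ("lobby", "S2", "unreported"),
]

if __name__ == "__main__":
    for device, status in audit(SAMPLE_INVENTORY).items():
        print(f"{device}: {status}")
```

Devices reported as unknown need a manual check rather than being treated as patched.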

2. Introduction
Multiple vulnerabilities were identified in the AirPlay SDK implementation that affect third-party devices incorporating this technology, including Sonos's AirPlay-enabled products. This update remediates the vulnerabilities by implementing the patched AirPlay SDK with improved input validation and improved memory handling.

3. AirPlay Stack-Based Buffer Overflow Vulnerability (CVE-2025-24132)
Description: A stack-based buffer overflow vulnerability in the AirPlay implementation could allow an attacker on the local network to execute arbitrary code without user interaction.
Known Attack Vectors: Malicious actors on the same local network could send specially crafted AirPlay requests to exploit this zero-click vulnerability.
Resolution: To remediate CVE-2025-24132, apply the Sonos Systems release v17.1 (build 85.0-65270) and Sonos S1 System release v11.15.3 (build 57.22-65130) or later, which implement the patched AirPlay Audio SDK.

4. AirPlay Authentication Bypass Vulnerability (CVE-2025-30422)
Description: A vulnerability in the authentication mechanism could allow an attacker to bypass authentication controls and gain unauthorized access to the device.
Known Attack Vectors: Malicious actors on the same local network could send specially crafted authentication requests that bypass validation checks.
Resolution: To remediate CVE-2025-30422, apply the Sonos Systems release v17.1 (build 85.0-65270) and Sonos S1 System release v11.15.3 (build 57.22-65130) or later, which implement the patched AirPlay Audio SDK.
Additional Documentation: Apple Security Advisory: https://support.apple.com/en-us/122403
Acknowledgments: Sonos would like to thank the Oligo Security Research Team for their responsible disclosure of this vulnerability.


Trademark Attributions: Apple, AirPlay and other Apple marks are trademarks of Apple Inc., registered in the U.S. and other countries and regions. All third-party trademarks referenced in this document are the property of their respective owners. Use of them does not imply affiliation with or endorsement by those entities.
