New iOS Update Resolves USB Exploit Linked to Targeted Attacks

Apple has announced a critical security update for iPhones and iPads in response to a severe vulnerability affecting USB Restricted Mode, tracked as CVE-2025-24200. This flaw has reportedly been exploited in targeted attacks. Users are urged to update their devices immediately.

USB Restricted Mode was introduced in 2018 to enhance security by disabling the Lightning or USB ports if the device remains locked for over an hour. These ports are usually reactivated when the user unlocks their device. However, the recent vulnerability undermines this feature: an attacker with physical access to a locked device can bypass the protection, potentially leading to unauthorized data access.

Apple stated, “A physical attack may disable USB Restricted Mode on a locked device.” The company is aware of reports that this issue has been exploited in what it describes as “extremely sophisticated” attacks targeting specific individuals.

The National Institute of Standards and Technology (NIST) has characterized this vulnerability as an “authorization issue” that has been addressed through improved state management.

To mitigate this risk, Apple has released security patches in iOS 18.3.1 and iPadOS 18.3.1, along with iPadOS 17.7.5, which are now available for various devices, including iPhone XS and later models, and several iPad variants.

This vulnerability was identified by Bill Marczak, a senior researcher at Citizen Lab. While details about the specific attack methods remain undisclosed, the discovery suggests a possible link to advanced surveillance tactics, potentially involving nation-state actors.
