Home News New iOS Update Resolves USB Exploit Linked to Targeted Attacks
News

New iOS Update Resolves USB Exploit Linked to Targeted Attacks

Apple has announced a critical security update for iPhones and iPads in response to a severe vulnerability affecting the USB Restricted Mode, tracked as CVE-2025-24200. This flaw has reportedly been exploited in targeted attacks. Users are urged to update their devices immediately.

The USB Restricted Mode was introduced in 2018 to enhance security by disabling the Lightning or USB ports if the device remains locked for over an hour. These ports are usually reactivated when the user unlocks their device. However, the recent vulnerability has compromised this feature, allowing an attacker with physical access to a locked device to bypass the protection, potentially leading to unauthorized data access.

Apple stated, “A physical attack may disable USB Restricted Mode on a locked device.” The company is aware of reports that this issue has been exploited in what it describes as “extremely sophisticated” attacks targeting specific individuals.

The National Institute of Standards and Technology (NIST) has characterized this vulnerability as an “authorization issue” that has been addressed through improved state management.

To mitigate this risk, Apple has released security patches in iOS 18.3.1 and iPadOS 18.3.1, along with iPadOS 17.7.5, which are now available for various devices, including iPhone XS and later models, and several iPad variants.

This vulnerability was identified by Bill Marczak, a senior researcher at Citizen Lab. While details about the specific attack methods remain undisclosed, the discovery suggests a possible link to advanced surveillance tactics, potentially involving nation-state actors.

Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Related Articles

News

19 Billion Passwords Leaked in 2024: How to Secure Your Accounts Now

Since April 2024, over 19 billion passwords have been compromised and leaked...

News

UK Unleashes £1bn Cyber Warfare Command to Counter Russia and China

The UK government has announced a major military upgrade focused on cyber...

News

WhatsApp Spyware Case: NSO Group on the Brink as Damages Trial Begins

NSO Group Faces Potential ‘Tens of Millions’ in Damages in WhatsApp Spyware...

News

AI Safety Crisis: New Attack Method Generates Weapons Guides Across All Major Models

Security researchers have uncovered a critical vulnerability affecting all major large language...