Summary: Apple has released an urgent patch for iOS and iPadOS to address a critical security flaw, CVE-2025-24200, that enables attackers with physical access to disable USB Restricted Mode on locked devices. This vulnerability could allow for sophisticated attacks and was discovered by Bill Marczak of The Citizen Lab, indicating potential nation-state exploitation. The issue has been resolved in the latest updates: iOS 18.3.1 and iPadOS 18.3.1.
Affected: Apple iOS and iPadOS systems
Keypoints :
- Critical security flaw allows disabling USB Restricted Mode on locked devices.
- Attackers could exploit this vulnerability for targeted surveillance and data extraction.
- Apple did not provide indicators of compromise or telemetry for defenders.