Apple has released a security update to address a flaw in its iOS and iPadOS operating systems that it says has been exploited in the wild. The vulnerability, tracked as CVE-2025-24200, allows an attacker with physical access to disable USB Restricted Mode on a locked device as part of a cyber-physical attack.
Exploitation requires physical access to the device. USB Restricted Mode is the protection at stake: once a device has been locked for a period of time, it stops data communication over its USB/Lightning port, which is intended to frustrate digital forensics tools like Cellebrite or GrayKey. These tools are mainly used by law enforcement agencies to extract sensitive data from confiscated devices, so a bug that switches the mode off on a locked device removes the barrier that is meant to keep such a tool out.
Apple acknowledged that it is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. The update is available for a range of devices, including iPhone XS and later, iPad Pro models, iPad Air, and iPad (7th generation) and later.
This development comes weeks after Apple resolved another security flaw, a use-after-free bug in the Core Media component, that it said had been exploited in the wild. Exploits of this kind are typically associated with commercial surveillanceware vendors, whose tools are marketed to combat serious crimes but have also been used to spy on members of civil society.
Apple addressed the vulnerability with improved state management and says it will continue to monitor the situation. The flaw was discovered and reported by security researcher Bill Marczak of The Citizen Lab at the University of Toronto's Munk School; the update is available for download now.
Source: https://thehackernews.com/2025/02/apple-patches-actively-exploited-ios.html