CVE-2025-24200
Published Feb 10, 2025
Last updated 12 hours ago
AI description
CVE-2025-24200 is an authorization issue in Apple's iOS and iPadOS, fixed with improved state management. This vulnerability could allow a physical attacker to disable USB Restricted Mode on a locked device. USB Restricted Mode, introduced in iOS 11.4.1, prevents USB accessories from connecting to an iOS device after it has been locked for a certain period. Disabling this feature could allow unauthorized access to the device's data. The vulnerability affects iPhone XS and later, iPad Pro (13-inch), iPad Pro 12.9-inch (3rd generation and later), iPad Pro 11-inch (1st generation and later), iPad Air (3rd generation and later), iPad (7th generation and later), and iPad mini (5th generation and later). Apple acknowledges that this vulnerability may have been actively exploited in highly targeted attacks, describing them as "extremely sophisticated" and directed at specific individuals. Patches for CVE-2025-24200 were released by Apple on February 9, 2025, and are included in iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5. The vulnerability was reported by Bill Marczak of the Citizen Lab at the University of Toronto's Munk School.
- Description: An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
- Source: product-security@apple.com
- NVD status: Analyzed
CVSS 3.1
- Type: Primary
- Base score: 6.1
- Impact score: 5.2
- Exploitability score: 0.9
- Vector string: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
- Severity: MEDIUM
Data from CISA
- Vulnerability name: Apple iOS and iPadOS Incorrect Authorization Vulnerability
- Exploit added on: Feb 12, 2025
- Exploit action due: Mar 5, 2025
- Required action: Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score: 26
Apple has issued an urgent security advisory about three zero-day vulnerabilities—CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085—currently being exploited in sophisticated cyberattacks. These vulnerabilities affect a wide range of Apple devices, including iPhones, iPads, Macs
@Avengingsecure
2 Apr 2025
2 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The Apple zero days are: CVE-2025-24200 allows disabling USB Restricted Mode through physical access. CVE-2025-24201 compromises WebKit, enabling malicious web content to escape the sandbox. CVE-2025-24085 is a use-after-free vulnerability that may lead to privilege escalation.
@RayyxAB
2 Apr 2025
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apple backported fixes for three zero-day flaws (CVE-2025-24200, CVE-2025-24201, CVE-2025-24085) exploited in attacks on older iOS, iPadOS, & macOS versions. Learn about these vulnerabilities, their exploitation methods, & how to detect and mitigate them: https://t.co/Q5U
@qualys
1 Apr 2025
368 Impressions
2 Retweets
2 Likes
1 Bookmark
0 Replies
0 Quotes
Apple has issued security updates backporting fixes for zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 to older OS versions. Additionally, updates for the latest iOS, iPadOS, macOS, Safari, and Xcode have been released. #apple #updates https://t.co/F4
@Strivehawk
1 Apr 2025
32 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
The iOS 18.4 update closed three serious vulnerabilities (iPhone, Mac and iPad) • CVE-2025-24085: escalates privileges to install unauthorized apps • CVE-2025-24200: disables USB restrictions • CVE-2025-24201: manipulation via websites to bypass the sandbox. I strongly advise updating your device right away and securing it https://t
@mr_thamer
1 Apr 2025
12110 Impressions
9 Retweets
11 Likes
8 Bookmarks
5 Replies
1 Quote
• CVE-2025-24085 (CVSS score: 7.3) A use-after-free bug in the Core Media component. • CVE-2025-24200 (CVSS score: 4) An authorization issue in the Accessibility component that makes it possible to disable USB. • CVE-2025-24085 • CVE-2025-24200 • CVE-2025-24201 https
@byt3n33dl3
1 Apr 2025
47 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Apple has issued an urgent security advisory concerning three critical zero-day vulnerabilities CVE-2025-24200, CVE-2025-24201, and CVE-2025-24085 that have been actively exploited in sophisticated attacks. https://t.co/7e6dl8ADJ3
@Ashutosh__048
1 Apr 2025
7 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
📣 EMERGENCY UPDATES 📣 Apple pushed additional updates for 3 zero-days that may have been actively exploited. 🐛 CVE-2025-24200 (Accessibility) additional patches, 🐛 CVE-2025-24201 (WebKit) additional patches: - iOS and iPadOS 15.8.4 - iOS and iPadOS 16.7.11
@ApplSec
31 Mar 2025
449 Impressions
1 Retweet
9 Likes
2 Bookmarks
1 Reply
0 Quotes
🚨Apple has just rolled out an urgent update to address the critical zero-day vulnerability CVE-2025-24200 that has been actively exploited! 🔒📱 https://t.co/hH1RUiGuy5 #AppleUpdate #iOSSecurity #ZeroDay #StaySafe #TechNews #CVE2025_24200 #CyberSecurity
@ogrikosec
25 Mar 2025
3 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
8 Mar 2025
5 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Neat! 📸 First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) / AbleNet https://t.co/NWpNTWAzIf https://t.co/vCr1LyxSa3
@NicholasLars0n
4 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple releases urgent security updates for iOS to address critical vulnerability (CVE-2025-24200). Protect devices now. https://t.co/lQpYYMdjd7 #CyberSecurity #Apple
@threatlight
22 Feb 2025
15 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
19 Feb 2025
8 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Apple has issued an urgent warning to iPhone and iPad users about a critical security flaw, CVE-2025-24200, which could let attackers bypass key protections. The vulnerability, found in targeted attacks, allows hackers with physical access to disable USB #Apple #iOSUpdate https
@techexplorersz
19 Feb 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Recently, a vulnerability with the identifier CVE-2025-24200 was published for iOS and iPadOS that disables the security mechanism for USB connections to locked phones. In other words, it is possible for a USB device to be plugged into your phone and, while your phone is locked, still be able to access the files and data on your phone.
@cybernetic_cy
19 Feb 2025
61 Impressions
2 Retweets
5 Likes
0 Bookmarks
0 Replies
0 Quotes
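Serious iOS/iPadOS vulnerability CVE-2025-24200 fixed: exploitation confirmed in targeted attacks https://t.co/pDU5mQzSjw The Apple iOS/iPadOS zero-day vulnerability CVE-2025-24200 has been fixed. It is reportedly being actively exploited in targeted attacks, so please take care not to forget to update. #Apple… https://t.co/3GGpMWpjzv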
@iototsecnews
19 Feb 2025
178 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
19 Feb 2025
25 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Hey! Just heard about a nasty iPhone flaw (CVE-2025-24200) that disables USB Restricted Mode on locked devices! Update to iOS 18.3.1 ASAP! #security https://t.co/sSAdZt4Em4
@storagetechnews
19 Feb 2025
175 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Attention, iOS and iPadOS users! 🚨 CISA warns of a critical vulnerability (CVE-2025-24200) that allows attackers to disable USB Restricted Mode on locked devices. Protect your information, especially if you are a journalist or activist!
@IncursioHack
18 Feb 2025
4 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
A vulnerability with the identifier CVE-2025-24200 has been published for iOS and iPadOS that disables the security mechanism for USB connections to locked phones. It is possible for a USB device to be plugged into your phone and, while your phone is locked, be able to access the files. https://t.co/Poz3aKY03t
@AmirHossein_sec
18 Feb 2025
22 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
18 Feb 2025
26 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
CISA Warns of Apple iOS Vulnerability Exploited in Wild The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent warning about a critical zero-day vulnerability in Apple iOS and iPadOS, tracked as CVE-2025-24200, being actively exploited in targeted…
@gsarquis
17 Feb 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#DOYOUKNOWCVE CISA ALERT (Feb 10-14): 7 critical vulnerabilities actively exploited & added to CISA KEV! CVE-2025-24200 (iOS/iPadOS) – Physical attackers can disable USB Restricted Mode. CVE-2025-21418 (Windows WinSock) – Heap overflow → SYSTEM-level privilege escalation.
@Loginsoft_Inc
17 Feb 2025
60 Impressions
2 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
⚠️ Vulnerability Alert: Apple iOS Security Flaw 📅 Timeline: Disclosure: 2025-02-01, Patch: 2025-02-11 📌 Attribution: Bill Marczak (The Citizen Lab) 🆔cveId: CVE-2025-24200 📊baseScore: 4.6 📏cvssMetrics: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H cvssSeverity: Critical 🔴… https:/
@syedaquib77
17 Feb 2025
21 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update #CISO https://t.co/Lj2EVJOndb https://t.co/Ouqu0RlbdA
@compuchris
17 Feb 2025
29 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#ICYMI #Apple has released emergency security updates for iOS and iPadOS to patch a vulnerability exploited in the wild. CVE-2025-24200, could allow attackers to disable USB Restricted Mode on locked devices. Update your devices now: https://t.co/ntRccwhd1p via @TheHackersNews
@upgradeoptions
17 Feb 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Apple's USB Restricted Mode bypass (CVE-2025-24200) https://t.co/V4Ip43oR8n https://t.co/feLnZGBxbd
@blackorbird
17 Feb 2025
3540 Impressions
20 Retweets
57 Likes
18 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
17 Feb 2025
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Here was the popular article for 2025-02-16. (Automated tweet) #Hacker_Trends ――― First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) - Quarkslab's blog https://t.co/VFQuGkzDu0 https://t.co/xNlRz0ZZVn
@motikan2010
17 Feb 2025
148 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) - Quarkslab's blog https://t.co/WOqSpI5U0q
@GHak2learn27752
16 Feb 2025
12 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
16 Feb 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) https://t.co/hGyYcCEFwS https://t.co/dt7RRrEpK4
@BugBountyShorts
16 Feb 2025
13 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Hey! Apple patched a zero-day flaw (CVE-2025-24200) that let attackers bypass USB Restricted Mode on locked iPhones & iPads! Update to iOS 18.3.1 ASAP! Seriously! https://t.co/HJkLKshTKX
@fin_tech_news_
16 Feb 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) : https://t.co/j2PNpJJKQ4 https://t.co/G7v5qN8JWt
@binitamshah
16 Feb 2025
21187 Impressions
59 Retweets
202 Likes
102 Bookmarks
2 Replies
2 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
15 Feb 2025
9 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
15 Feb 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
iOS 18.3 - 17.0 Massive iPhone USB VULNERABILITY Released! This is Amazing! ⚠️ NEW VIDEO: https://t.co/WH42GpHTLS The powerful CVE-2025-24200 bug was patched by Apple in iOS 18.3.1 and iPadOS 18.3.1. It's quite a massive USB vulnerability that can skip requiring FaceID /… https
@FCE365
14 Feb 2025
8518 Impressions
12 Retweets
62 Likes
13 Bookmarks
5 Replies
0 Quotes
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) https://t.co/UMXoCUPFDV
@Dinosn
14 Feb 2025
4208 Impressions
14 Retweets
40 Likes
18 Bookmarks
1 Reply
1 Quote
First analysis of Apple's USB Restricted Mode bypass (CVE-2025-24200) https://t.co/kpFK1BTtC1 #pentesting #IoTsecurity #infosec https://t.co/BpHKiTDKHO
@ptracesecurity
14 Feb 2025
2719 Impressions
13 Retweets
48 Likes
13 Bookmarks
0 Replies
0 Quotes
Unrestrict the restricted mode for USB on iPhone. A first analysis @citizenlab #CVE-2025-24200 👉 https://t.co/CkqMPz2qEp https://t.co/huNXAOKUHu
@quarkslab
14 Feb 2025
14043 Impressions
58 Retweets
197 Likes
75 Bookmarks
3 Replies
3 Quotes
Apple’s 18.3.1 patch fixes only CVE-2025-24200, used in an ‘extremely sophisticated attack’ to unlock iPhones and iPads. Interesting. 📱🔨⛓️💥 https://t.co/lWsQ5jnUAE
@it4sec
14 Feb 2025
382 Impressions
0 Retweets
3 Likes
3 Bookmarks
0 Replies
0 Quotes
Actively exploited CVE : CVE-2025-24200
@transilienceai
13 Feb 2025
29 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update. Apple released out-of-band security updates to address a security flaw in iOS and iPadOS that has been exploited in the wild, but attackers require physical access to the device. https://t.co/RTCDQFUwUD
@riskigy
13 Feb 2025
49 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Serious vulnerability that bypasses Apple's USB Restricted Mode, exploitable in extremely sophisticated attacks (CVE-2025-24200) #セキュリティ対策Lab #セキュリティ https://t.co/tGuqjm9Skh
@securityLab_jp
12 Feb 2025
8 Impressions
1 Retweet
1 Like
0 Bookmarks
0 Replies
0 Quotes
Apple releases an urgent security update for iPhones and iPads addressing a critical vulnerability (CVE-2025-24200) that affects USB Restricted Mode, a security feature introduced in 2018 to protect devices from unauthorized access. 🧉 https:
@MarquisioX
12 Feb 2025
60 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
#PorUnPerúDigital 🇵🇪 | 📣 Here is the cybersecurity alert for today, Wednesday, February 12. ⚠️ 📱 Apple released an emergency update to address a zero-day vulnerability in iOS and iPadOS, identified as CVE-2025-24200. This flaw allows… http
@PeruPaisDigital
12 Feb 2025
194 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-24200 🔴 HIGH (7.5) 🏢 Apple - iPadOS 🏗️ unspecified 🔗 https://t.co/XfnYHLm8yr 🔗 https://t.co/sSYupjtEPF #CyberCron #VulnAlert https://t.co/EbfzgSGjug
@cybercronai
12 Feb 2025
148 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
1 Quote
Apple has released security updates to address a critical zero-day vulnerability (CVE-2025-24200) in multiple products - iOS, iPadOS, macOS Sequoia, macOS Sonoma, macOS Ventura, visionOS, and watchOS. https://t.co/uY8v8XTMam https://t.co/54D2Pw952Q
@uofgccs
12 Feb 2025
52 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#Apple #Patches Actively #Exploited #iOS #Zero_Day CVE-2025-24200 in Emergency Update https://t.co/fEmlz2U3Zu https://t.co/EWFQkRHB5r
@omvapt
12 Feb 2025
15 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 Attention, Apple users! A serious flaw in iOS (CVE-2025-24200) may allow attackers to disable USB Restricted Mode on locked devices. Update now to protect your data! Don't leave your security in the hands of hackers! #IncursioHack 🍏🔒
@IncursioHack
12 Feb 2025
20 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "2D76DB6B-CB2C-4E13-B6A0-8EAAF97BA82A",
            "versionEndExcluding": "17.7.5"
          },
          {
            "criteria": "cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "A77F4D69-3C11-4074-A7E6-C85767F026EF",
            "versionEndExcluding": "18.3.1",
            "versionStartIncluding": "18.0"
          },
          {
            "criteria": "cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "FCFC977D-A942-42CC-80CD-6DE07C4870AB",
            "versionEndExcluding": "18.3.1"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]