Apple has released iOS 18.3.1 and iPadOS 18.3.1 to address a newly discovered security vulnerability (CVE-2025-24200) that allowed attackers to bypass USB Restricted Mode on locked devices. The flaw may have been exploited in “extremely sophisticated attacks” targeting specific individuals.
USB Restricted Mode is a key security feature that prevents data transfer through the Lightning or USB-C port if the device has been locked for more than an hour. By disabling this protection, attackers could have gained unauthorized access to sensitive data, possibly using advanced forensic tools similar to Cellebrite.
Apple has not disclosed exactly how or where the vulnerability was exploited, the company acknowledged that the issue had been actively used in targeted attacks. This revelation has reignited discussions about digital privacy, government surveillance, and the ongoing conflict between Apple and law enforcement agencies over access to encrypted devices.
Why It Matters: This security flaw highlights the growing risks posed by forensic hacking tools and state-sponsored surveillance. Apple’s quick response demonstrates its ongoing commitment to user privacy, but the existence of such an exploit raises questions about how law enforcement and third parties continue to find ways around iOS security measures.
- Apple Patches Major iOS Security Flaw: The latest iOS and iPadOS update fixes CVE-2025-24200, a vulnerability that allowed attackers to disable USB Restricted Mode, potentially exposing private data on locked devices.
- Potential Government and Law Enforcement Use: The nature of the exploit suggests it could have been leveraged by forensic tools like Cellebrite, which have been used by authorities worldwide to unlock encrypted iPhones.
- Targeted Attacks Confirmed: Apple acknowledged that the vulnerability was actively exploited in sophisticated cyberattacks aimed at specific individuals, though details remain undisclosed.
- Immediate Security Update Recommended: The flaw affects a wide range of Apple devices, including iPhones from the XS onward and multiple iPad models. Users are strongly advised to update their devices to prevent potential security breaches.
Go Deeper -> Apple fixes security flaw allowing third-party access to locked devices – The Record
Apple warns “extremely sophisticated attack” hits iPhones and iPads, so update now – TechRadar