The Digital Security Authority (DSA) wants to bring to your attention a vulnerability affecting USB Restricted Mode in Apple iOS and iPadOS.
Technical Details
CVE-2025-24200 is an authorization vulnerability in Apple's iOS and iPadOS that lets an attacker with physical access to a locked device disable USB Restricted Mode. USB Restricted Mode shuts off data transfer over the Lightning or USB-C port once the device has been locked for about an hour, so that accessories or forensic extraction tools plugged in afterwards cannot communicate with the device until it is unlocked with the passcode. With that protection switched off, a sophisticated attacker can use the wired connection to pull data from the device or to stage further exploits against it.
Apple describes the flaw as an authorization issue addressed with improved state management. Because exploitation requires physical access, the realistic threat scenarios are device theft, extraction of a seized device with commercial forensic tooling, and targeted espionage against specific individuals; Apple has stated that it is aware of a report that the issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. Since the flaw may already have been used in real-world attacks, all users, and especially those handling sensitive data, should update their devices promptly and keep a strong passcode and auto-lock enabled, as USB Restricted Mode only protects a device that is locked.
Affected Products:
- iPhone: iPhone XS and later
- iPad Pro: 13-inch, 12.9-inch (3rd gen and later), 11-inch (1st gen and later)
- iPad Air: 3rd generation and later
- iPad: 7th generation and later
- iPad Mini: 5th generation and later
- Older iPads: iPad Pro 12.9-inch (2nd gen), iPad Pro 10.5-inch, iPad 6th generation
Recommendations
Apple has released patches for CVE-2025-24200 that fix the issue with improved state management: iOS 18.3.1 and iPadOS 18.3.1 for current devices, and iPadOS 17.7.5 for the older iPads listed above. Users should update immediately to mitigate the risk of exploitation. After updating, confirm that USB Restricted Mode is actually in force: in Settings > Face ID & Passcode (or Touch ID & Passcode), the Accessories toggle under "Allow Access When Locked" should be off, so that a locked device refuses new USB data connections. Organisations managing fleets should verify from their MDM inventory that every device has reached the fixed build for its generation rather than relying on users to update.
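The following script is an added example for this advisory, not DSA or Apple code. It shows how a fleet administrator can check an MDM inventory export for devices that have not yet reached the fixed builds, taking into account that older iPads are patched in iPadOS 17.7.5 while everything else needs 18.3.1, and comparing versions numerically rather than as strings (so 18.3.10 is correctly seen as newer than 18.3.9). The inventory lines and serial numbers are constructed; the minimum versions and the model identifiers for the legacy iPads are assumptions you should confirm against Apple's security release notes and your MDM's model mapping before relying on the output.

```python
"""Flag iOS/iPadOS devices in an MDM inventory that are below the builds
Apple shipped for CVE-2025-24200.

Added example for this advisory, not DSA or Apple code. The inventory data
is constructed; minimum versions and model identifiers are assumptions to
verify against Apple's release notes and your MDM's model mapping.
"""
import csv
import io
import re

# Older iPads that stayed on iPadOS 17 and were patched in 17.7.5.
# Apple "ProductType" identifiers (assumed; verify against your MDM):
LEGACY_IPADOS17 = {
    "iPad7,1", "iPad7,2",  # iPad Pro 12.9-inch (2nd generation)
    "iPad7,3", "iPad7,4",  # iPad Pro 10.5-inch
    "iPad7,5", "iPad7,6",  # iPad (6th generation)
}

# Minimum fixed builds (assumed from Apple's February 2025 updates).
MIN_FIXED = {
    "current": (18, 3, 1),   # iOS 18.3.1 / iPadOS 18.3.1
    "legacy": (17, 7, 5),    # iPadOS 17.7.5 for the devices above
}

# Constructed MDM export. Model identifiers contain a comma, so they are
# quoted; the CSV module handles that.
SAMPLE_INVENTORY = """serial,model,os_version
A001,"iPhone11,2",18.3.1
A002,"iPhone12,1",18.3
A003,"iPad7,5",17.7.5
A004,"iPad7,3",17.7.4
A005,"iPad11,3",17.7.5
"""


def parse_version(text):
    """Turn '18.3.1' or '18.3' into a 3-tuple of ints for safe comparison.

    A missing component counts as 0, so '18.3' < '18.3.1'. Anything that is
    not a dotted number (e.g. an empty MDM field) raises instead of being
    silently treated as patched.
    """
    m = re.fullmatch(r"(\d+)(?:\.(\d+))?(?:\.(\d+))?", text.strip())
    if not m:
        raise ValueError(f"unparseable OS version: {text!r}")
    return tuple(int(part or 0) for part in m.groups())


def required_version(model):
    """Return the minimum fixed build for this hardware generation."""
    if model in LEGACY_IPADOS17:
        return MIN_FIXED["legacy"]
    return MIN_FIXED["current"]


def find_unpatched(inventory_csv):
    """Return [(serial, model, installed, required)] for devices still
    below the build that fixes CVE-2025-24200."""
    unpatched = []
    for row in csv.DictReader(io.StringIO(inventory_csv)):
        need = required_version(row["model"])
        have = parse_version(row["os_version"])
        if have < need:
            unpatched.append((row["serial"], row["model"],
                              row["os_version"], ".".join(map(str, need))))
    return unpatched


if __name__ == "__main__":
    for serial, model, have, need in find_unpatched(SAMPLE_INVENTORY):
        print(f"{serial}: {model} on {have}, needs {need}")
```

On the constructed inventory the script flags A002 (18.3 is below 18.3.1), A004 (a legacy iPad below 17.7.5) and A005 (a current-generation iPad still on 17.x, which must move to 18.3.1). A current-generation device reporting 17.7.5 is deliberately treated as unpatched, since that build was only issued for the older iPads.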
References
The information presented in this report is based on data available up to 3 March 2025.