Security News > 2025 > February > Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)
2025-02-11 10:40
Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) exploited in the wild in “an extremely sophisticated” attack. The vulnerability (CVE-2025-24200) “A physical attack may disable USB Restricted Mode on a locked device,” Apple explained. USB Restricted Mode is a feature Apple introduced in 2018 to protect users against device unlocking (“cracking”) tools such as The post Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200) appeared first on Help Net Security.
News URL
Related news
- Apple plugs zero-day holes used in targeted iPhone attacks (CVE-2025-31200, CVE-2025-31201) (source)
- Apple fixes WebKit zero-day exploited in ‘extremely sophisticated’ attacks (source)
- Apple Releases Patch for WebKit Zero-Day Vulnerability Exploited in Targeted Attacks (source)
- Apple fixes two zero-days exploited in targeted iPhone attacks (source)
- Apple Patches Two Zero-Days Used in ‘Extremely Sophisticated’ Attacks (source)
- Broadcom fixes three VMware zero-days exploited in attacks (source)
- EncryptHub linked to MMC zero-day attacks on Windows systems (source)
- Google fixes exploited Chrome sandbox bypass zero-day (CVE-2025-2783) (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)
- Apple backports zero-day patches to older iPhones and Macs (source)
Related Vulnerability
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-10 | CVE-2025-24200 | Incorrect Authorization vulnerability in Apple Ipados An authorization issue was addressed with improved state management. | 6.1 |