CVE-2025-24200
Apple iPadOS and iOS USB Restricted Mode Authorization Bypass
Description
An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.
INFO
Published Date :
Feb. 10, 2025, 7:15 p.m.
Last Modified :
Feb. 11, 2025, 7:15 p.m.
Source :
[email protected]
Remotely Exploitable :
No
Impact Score :
3.6
Exploitability Score :
0.9
Public PoC/Exploit Available at Github
CVE-2025-24200 has a 1 public PoC/Exploit available at Github.
Go to the Public Exploits tab to see the list.
References to Advisories, Solutions, and Tools
Here, you will find a curated list of external links that provide in-depth
information, practical solutions, and valuable tools related to
CVE-2025-24200.
| URL | Resource |
|---|---|
| https://support.apple.com/en-us/122173 | |
| https://support.apple.com/en-us/122174 | |
| http://seclists.org/fulldisclosure/2025/Feb/7 | |
| http://seclists.org/fulldisclosure/2025/Feb/8 |
We scan GitHub repositories to detect new proof-of-concept exploits. Following list is a collection of public exploits and proof-of-concepts, which have been published on GitHub (sorted by the most recently updated).
CVE-2025-24200 - Incorrect Authorization
Results are limited to the first 15 repositories due to potential performance issues.
The following list is the news that have been mention
CVE-2025-24200 vulnerability anywhere in the article.
-
krebsonsecurity.com
Microsoft Patch Tuesday, February 2025 Edition
Microsoft today issued security updates to fix at least 56 vulnerabilities in its Windows operating systems and supported software, including two zero-day flaws that are being actively exploited. All ... Read more
-
TheCyberThrone
CVE-2024-12797 OpenSSL Vulnerability Patched
CVE-2024-12797 is a critical security vulnerability discovered in OpenSSL, a widely used cryptographic library that provides secure communication over computer networks. This vulnerability poses signi ... Read more
-
TheCyberThrone
CISA Adds Microsoft and Zyxel Vulnerabilities to KEV Catalog
On February 11, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. These vulnerabilities, associate ... Read more
-
Dark Reading
Apple Releases Urgent Patch for USB Vulnerability
Source: Simon Dack via Alamy Stock PhotoNEWS BRIEFApple has released a security update for a vulnerability that the tech giant reports may have been exploited in an "extremely sophisticated attack."No ... Read more
-
Help Net Security
Microsoft fixes two actively exploited zero-days (CVE-2025-21418, CVE-2025-21391)
February 2025 Patch Tuesday is here, and Microsoft has delivered fixes for 56 vulnerabilities, including two zero-days – CVE-2025-21418 and CVE-2025-21391 – under active exploitation. CVE-2025-21418 a ... Read more
-
TheCyberThrone
Apple devices on verge of exploitation of CVE-2025-24200
CVE-2025-24200 is a critical security vulnerability discovered in Apple’s iOS and iPadOS. This vulnerability has severe implications for device security, especially considering the widespread use of t ... Read more
-
Ars Technica
iOS 18.3.1 update fixes security flaw used in “extremely sophisticated attack”
Apple has released new security fixes for iPhones and iPads in the form of iOS 18.3.1 and iPadOS 18.3.1. According to Apple's release notes, these updates patch an actively exploited security flaw in ... Read more
-
The Cyber Express
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Apple has issued emergency updates to fix a critical security flaw that is actively being exploited in iOS and iPadOS. On February 10, the tech giant released out-of-band security patches to address a ... Read more
-
Help Net Security
Apple fixes zero-day flaw exploited in “extremely sophisticated” attack (CVE-2025-24200)
Users of iPhones and iPads that run iOS/iPadOS 18 and iPadOS 17 are urged to implement the latest updates to plug a security feature bypass vulnerability (CVE-2025-24200) exploited in the wild in “an ... Read more
-
The Hacker News
Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update
Zero-Day / Mobile Security Apple on Monday released out-of-band security updates to address a security flaw in iOS and iPadOS that it said has been exploited in the wild. Assigned the CVE identifier C ... Read more
-
seclists.org
APPLE-SA-02-10-2025-2 iPadOS 17.7.5
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 10 Feb 2025 11:32:41 -0800 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more
-
seclists.org
APPLE-SA-02-10-2025-1 iOS 18.3.1 and iPadOS 18.3.1
Full Disclosure mailing list archives From: Apple Product Security via Fulldisclosure <fulldisclosure () seclists org> Date: Mon, 10 Feb 2025 11:28:53 -0800 -----BEGIN PGP SIGNED MESSAGE----- Hash: SH ... Read more
-
security.nl
Apple waarschuwt voor iOS-lek gebruikt bij 'zeer geraffineerde aanval'
Apple waarschuwt voor een kwetsbaarheid in iOS en iPadOS die volgens het techbedrijf bij een 'zeer geraffineerde aanval' tegen bepaalde specifieke personen is gebruikt. Het beveiligingslek (CVE-2025-2 ... Read more
-
BleepingComputer
Apple fixes zero-day exploited in 'extremely sophisticated' attacks
Apple has released emergency security updates to patch a zero-day vulnerability that the company says was exploited in targeted and "extremely sophisticated" attacks. "A physical attack may disable US ... Read more
The following table lists the changes that have been made to the
CVE-2025-24200 vulnerability over time.
Vulnerability history details can be useful for understanding the evolution of a vulnerability, and for identifying the most recent changes that may impact the vulnerability's severity, exploitability, or other characteristics.
-
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Feb. 11, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Removed CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N -
CVE Modified by 134c704f-9b21-4f2e-91b3-4a467353bcc0
Feb. 11, 2025
Action Type Old Value New Value Added CVSS V3.1 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Added CWE CWE-863 -
CVE Modified by af854a3a-2127-422b-91ae-364da2661108
Feb. 11, 2025
Action Type Old Value New Value Added Reference http://seclists.org/fulldisclosure/2025/Feb/7 Added Reference http://seclists.org/fulldisclosure/2025/Feb/8 -
New CVE Received by [email protected]
Feb. 10, 2025
Action Type Old Value New Value Added Description An authorization issue was addressed with improved state management. This issue is fixed in iPadOS 17.7.5, iOS 18.3.1 and iPadOS 18.3.1. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals. Added Reference https://support.apple.com/en-us/122173 Added Reference https://support.apple.com/en-us/122174
CWE - Common Weakness Enumeration
While CVE identifies
specific instances of vulnerabilities, CWE categorizes the common flaws or
weaknesses that can lead to vulnerabilities. CVE-2025-24200 is
associated with the following CWEs:
Common Attack Pattern Enumeration and Classification (CAPEC)
Common Attack Pattern Enumeration and Classification
(CAPEC)
stores attack patterns, which are descriptions of the common attributes and
approaches employed by adversaries to exploit the CVE-2025-24200
weaknesses.