CVE-2025-24200 is a vulnerability in Apple's iOS and iPadOS that stems from an authorization flaw caused by improper state management. On affected devices, the flaw could allow an attacker with physical access to bypass USB Restricted Mode on a locked device, potentially permitting unauthorized data access over a USB connection. The vulnerability is fixed in iPadOS 17.7.5, iOS 18.3.1, and iPadOS 18.3.1. Notably, Apple acknowledged a report suggesting that the issue may have been exploited in extremely sophisticated attacks targeting specific individuals.
See more details on: