Apple Products Security Restriction Bypass Vulnerability

Release Date: 13 Feb 2025

RISK: Medium Risk

TYPE: Operating Systems - Mobile & Apps

A vulnerability was identified in Apple Products. A remote attacker could exploit this vulnerability to trigger security restriction bypass on the targeted system.

 

Note:

For CVE-2025-24200, a physical attack may disable USB Restricted Mode on a locked device. CISA has added this CVE to its Known Exploited Vulnerabilities Catalog and Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

---

Impact

• Security Restriction Bypass

---

System / Technologies affected

• Versions prior to iOS 18.3.1
• Versions prior to iPadOS 17.7.5
• Versions prior to iPadOS 18.3.1

---

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

 

• iOS 18.3.1
• iPadOS 17.7.5
• iPadOS 18.3.1

---

Vulnerability Identifier

• CVE-2025-24200

---

Source

• Apple
• CISA

---

Related Link

• https://support.apple.com/en-us/122173
• https://support.apple.com/en-us/122174
• https://www.cisa.gov/news-events/alerts/2025/02/12/cisa-adds-two-known-exploited-vulnerabilities-catalog