Alerts

Active Exploitation of a Zero-Day Vulnerability in Apple Products

11 February 2025

Apple has released security updates addressing a zero-day vulnerability (CVE-2025-24200) affecting their products. This vulnerability is reportedly being actively exploited.

Successful exploitation of the vulnerability could allow an unauthenticated attacker to disable USB Restricted Mode on the vulnerable device. After disabling the USB Restricted Mode, the attacker could gain unauthorised access to the device's data through USB connections.

The vulnerabilities affect the following products:

iPhone XS and later

iPad Pro 13-inch

iPad Pro 12.9-inch 3rd generation and later

iPad Pro 11-inch 1st generation and later

iPad Pro 12.9-inch 2nd generation

iPad Pro 10.5-inch

iPad Air 3rd generation and later

iPad mini 5th generation and later

iPad 7th generation and later

iPad 6th generation

Users and administrators of affected products are advised to update to the latest versions immediately.

Users are also strongly encouraged to enable automatic software updates by going to Settings > General > Software Updates > Enable Automatic Updates.

More information is available here:

https://support.apple.com/en-us/122173

https://support.apple.com/en-us/122174

https://nvd.nist.gov/vuln/detail/CVE-2025-24200

https://www.bleepingcomputer.com/news/apple/apple-fixes-zero-day-exploited-in-extremely-sophisticated-attacks/

Government officials will never ask you to transfer money or disclose bank log-in details over a phone call.

Active Exploitation of a Zero-Day Vulnerability in Apple Products

Reach us