Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products
Overview
The Cyber Security Agency of Singapore (CSA) has recently issued a warning regarding the active exploitation of a zero-day vulnerability (CVE-2025-24200) in a range of Apple products. This critical vulnerability is being actively targeted, and Apple has released timely security updates to address the issue. If exploited, the vulnerability could allow attackers to bypass certain security features and gain unauthorized access to sensitive data through USB connections.
The vulnerability, identified as CVE-2025-24200, affects various Apple devices, including iPhones and iPads. Specifically, the issue lies in the USB Restricted Mode, a security feature designed to prevent unauthorized access to a device’s data when it is locked. A successful attack could disable this mode, allowing an unauthenticated attacker to access the device’s data via a USB connection, even if the device is locked.
This flaw has been dubbed a “zero-day vulnerability,” as it was discovered and actively exploited before a patch or security fix was made available. Apple has moved quickly to resolve the issue with new security updates released on February 10, 2025.
Affected Apple Products
The zero-day vulnerability affects a wide range of Apple devices, including the following:
- iPhone XS and later
- iPad Pro 13-inch
- iPad Pro 12.9-inch (3rd generation and later)
- iPad Pro 11-inch (1st generation and later)
- iPad Pro 12.9-inch (2nd generation)
- iPad Pro 10.5-inch
- iPad Air (3rd generation and later)
- iPad mini (5th generation and later)
- iPad 7th generation and later
- iPad 6th generation
Users of the affected devices are strongly advised to update their devices to the latest versions of iOS and iPadOS immediately to mitigate the risk of exploitation.
Apple’s Response and Security Updates
Apple addressed the issue in their latest updates, which were included in iOS 18.3.1 and iPadOS 18.3.1 for affected iPhones and iPads, as well as in iPadOS 17.7.5 for certain iPad models. These updates were released on February 10, 2025, and contain patches that resolve the USB Restricted Mode bypass.
In their official release notes, Apple explained that the vulnerability was the result of an authorization issue that has now been addressed through improved state management. Apple also acknowledged that this vulnerability may have been exploited in targeted attacks against specific individuals, particularly those in high-risk environments. The details surrounding these attacks remain vague, but they indicate the severity of the issue.
The CSA urges users and administrators of affected Apple devices to take immediate action by updating to the latest software versions. Users are encouraged to enable automatic software updates by navigating to Settings > General > Software Updates > Enable Automatic Updates to ensure future security patches are applied without delay.
Conclusion
The CVE-2025-24200 vulnerability highlights the need for constant vigilance against cyber threats, especially those targeting mobile devices and critical infrastructure. Exploiting zero-day vulnerabilities can lead to unauthorized data access and privacy breaches. This incident highlights the importance of maintaining strong cybersecurity practices, such as timely updates and proactive monitoring. The Cyber Security Agency of Singapore advises users to stay informed and secure their devices to protect against cyber threats, reinforcing the need for comprehensive cybersecurity strategies to protect sensitive data.
References
- https://www.csa.gov.sg/alerts-and-advisories/alerts/al-2025-013
- https://support.apple.com/en-us/122173
- https://support.apple.com/en-us/122174
The post Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products appeared first on Cyble.
React to this headline: