Apple Patches Actively Exploited iOS Zero-Day CVE-2025-24200 in Emergency Update


Apple has released an out-of-band security update to patch CVE-2025-24200, an authorization flaw in iOS and iPadOS that could allow attackers with physical access to disable USB Restricted Mode. The flaw, discovered by Bill Marczak of The Citizen Lab, has been exploited in sophisticated attacks against targeted individuals. USB Restricted Mode, introduced in iOS 11.4.1, prevents unauthorized access via digital forensics tools like Cellebrite and GrayKey. The fix is available in iOS 18.3.1, iPadOS 18.3.1, and iPadOS 17.7.5 for various devices. This follows Apple's recent fix for another exploited vulnerability, CVE-2025-24085, in Core Media. Zero-day exploits in Apple software are often leveraged by surveillanceware vendors, including NSO Group, whose Pegasus spyware has been used by law enforcement and intelligence agencies worldwide.
