Apple has recently rolled out an update for iOS and iPadOS devices to fix a critical security vulnerability in USB Restricted Mode. The bug, tracked as CVE-2025-24200, could allow malicious actors to disable USB Restricted Mode on locked devices through a “physical attack.” This security feature prevents data transfer through the device’s port once it has been locked for more than an hour, safeguarding against unauthorized access attempts.
The tech giant addressed the issue with the release of iOS 18.3.1 and iPadOS 18.3.1, suggesting an urgent need for users to update their systems. Apple acknowledged reports of the vulnerability being exploited in complex attacks targeting specific individuals, hinting at possible involvement from state-sponsored entities or law enforcement agencies. This revelation adds to the ongoing debate surrounding user privacy, with Apple historically resisting government demands for backdoor access to devices due to the implications for user data security and privacy.
These developments underscore the escalating tensions between tech companies and government authorities over data access and privacy, as highlighted by Amnesty International’s report on state agencies using firms like Cellebrite to unlock locked smartphones and potentially install malware. The continuous evolution of cybersecurity threats emphasizes the critical role of regular software updates and heightened vigilance in safeguarding personal information and digital assets.
Sources: Apple, TechCrunch.