VYPR
Medium severity6.1CISA KEVNVD Advisory· Published Feb 10, 2025· Updated Apr 3, 2026

CVE-2025-24200

CVE-2025-24200

Description

An authorization issue was addressed with improved state management. This issue is fixed in iOS 15.8.4 and iPadOS 15.8.4, iOS 16.7.11 and iPadOS 16.7.11, iOS 18.3.1 and iPadOS 18.3.1, iPadOS 17.7.5. A physical attack may disable USB Restricted Mode on a locked device. Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

4
  • Apple Inc./Ipados2 versions
    cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:apple:ipados:*:*:*:*:*:*:*:*range: <15.8.4
    • (no CPE)range: <18.3.1 (for iPadOS 18.x), <17.7.5 (for iPadOS 17.x), <16.7.11 (for iPadOS 16.x), <15.8.4 (for iPadOS 15.x)
  • cpe:2.3:o:apple:iphone_os:*:*:*:*:*:*:*:*
    Range: <15.8.4
  • Range: <18.3.1 (for iOS 18.x), <16.7.11 (for iOS 16.x), <15.8.4 (for iOS 15.x)

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.