iOS 18.3.1: Apple Confirms USB Restricted Mode Vulnerability Actively Exploited
Monday, Feb 10, 2025 9:44 pm ET

Apple has released iOS 18.3.1 and iPadOS 18.3.1, addressing a critical security vulnerability that could have allowed attackers to bypass USB Restricted Mode on locked devices. The vulnerability, tracked as CVE-2025-24200, was actively exploited in the wild, according to Apple's security support document.
USB Restricted Mode is a security feature introduced in iOS 11.4.1 that prevents unauthorized access to data via USB connections when the device is locked. The vulnerability, which iOS 18.3.1 and iPadOS 18.3.1 fix, allowed an attacker with physical access to a locked device to disable USB Restricted Mode, potentially exposing sensitive data on the device.
Apple has patched the vulnerability with improved state management, ensuring that USB Restricted Mode remains enabled while the device is locked. The company has also released iPadOS 17.7.5 for devices that cannot run iPadOS 18, which includes the same security fix.
Users are strongly encouraged to update their devices to iOS 18.3.1 or iPadOS 18.3.1 as soon as possible to protect against potential threats. The update is available for iPhone XS and later, iPad Pro 13-inch, iPad Pro 12.9-inch 3rd generation and later, iPad Pro 11-inch 1st generation and later, iPad Air 3rd generation and later, iPad 7th generation and later, and iPad mini 5th generation and later.
Apple has not disclosed details of the real-world exploitation, but the fact that the vulnerability was actively exploited underscores the importance of applying the patch. Updating to the latest software protects devices from this vulnerability and reduces the risk of unauthorized access to their data.
In addition to the USB Restricted Mode vulnerability, the iOS 18.3.1 and iPadOS 18.3.1 updates include important bug fixes and security updates. Apple has not yet released security notes for the other platforms, but it is expected to do so soon.

In conclusion, the iOS 18.3.1 and iPadOS 18.3.1 updates address a critical security vulnerability that could have allowed attackers to bypass USB Restricted Mode on locked devices. The vulnerability was actively exploited in the wild, and users are strongly encouraged to update their devices to protect against potential threats. The updates also include important bug fixes and security updates, and Apple is expected to release security notes for the other platforms soon.