Tuesday, February 11, 2025
Apple Patches ‘Extremely Sophisticated Attack’ That Can Hit iPhones

Apple is patching a new zero-day exploit in iOS that may have been used by law enforcement to unlock seized iPhones. 

“Apple is aware of a report that this issue may have been exploited in an extremely sophisticated attack against specific targeted individuals,” the company said in the security release announcing the launch of an emergency patch with iOS 18.3.1.

Although details are thin, Apple describes the vulnerability as a “physical attack” that can disable the USB Restricted Mode on a locked device. That mode prevents an iPhone from transmitting data through the USB port when the device is locked. But it looks like someone found a way to bypass the protection.

Since the attack requires physical access to the device, some already suspect the exploit was used in hacking tools, like those from Cellebrite, which sells solutions to crack smartphones. The Israeli company serves customers including the FBI and police forces across the US, in addition to law enforcement agencies in dozens of countries.

Apple also discovered the vulnerability through Bill Marczak, a senior research fellow at Citizen Lab, which has investigated and exposed numerous commercial spyware and surveillance vendors, such as Israel’s NSO Group. But so far, Marczak hasn’t revealed more details, except to warn the public to install the patch.

Although forensic tools can help the police investigate devices tied to criminal cases, the same hacking tech has allegedly fallen into the hands of repressive regimes to spy on dissidents, activists, and journalists. In December, Amnesty International uncovered evidence that Serbian police had used Cellebrite’s tools to unlock an Android phone belonging to a journalist and then place spyware on the device.

In this case, the iOS vulnerability, dubbed CVE-2025-24200, has since been plugged with an “improved statement management”-related fix, Apple says. The company’s patch is designed for the iPhone XS and up. The fix is also arriving through iPadOS 18.3.1 and iPadOS 17.7.5, which were also released today.

Users can update their iPhones by going to Settings > General > Software Update. The phone can also patch itself automatically if you’ve toggled on automatic updates.


About Michael Kan

Senior Reporter

Michael Kan

I’ve been working as a journalist for over 15 years—I got my start as a schools and cities reporter in Kansas City and joined PCMag in 2017.

