
Apple’s USB Restricted Mode, a key iOS security feature since 2018 designed to prevent unauthorized USB data access, has been found to contain a vulnerability that was exploited in sophisticated cyberattacks. Yesterday, the smartphone giant addressed this security flaw with iOS 18.3.1 and iPadOS 18.3.1. The vulnerability allows attackers with physical access to a locked iPhone to steal data through the USB port. It is registered in the CVE program as CVE-2025-2420.
Bill Marczak, a senior researcher at Citizen Lab, discovered this active exploit and reported it to Apple. Given that iOS 18.3 was released just two weeks ago, some iPhone and iPad users may be surprised by the need for a new update so soon. The reason is the severity of this accessibility flaw. USB Restricted Mode plays a vital role: it is designed to automatically block data transfer through the USB port after an iPhone is locked. With this vulnerability, attackers are able to disable that protection. This could pave the way for threat actors to corrupt data or steal sensitive information from a target’s iPhone or iPad through a USB connection.
In response to this security flaw, Apple released iOS 18.3.1 and iPadOS 18.3.1. While Apple is keeping the specific details of the fix confidential to prevent exploitation by malicious actors, it has stressed the seriousness of the flaw. Apple also released a list of affected devices, which covers iPhone XS and later. Checking that list will help you determine whether your device is susceptible to attackers seeking to exploit this vulnerability.

Considering the risk associated with this flaw, Apple strongly recommends that all iPhone and iPad owners update to the latest operating systems: iOS 18.3.1 and iPadOS 18.3.1. To do this, follow the steps below:
- Open the Settings app on your iPhone or iPad
- Tap General > Software Update > Update Now

Once the update is complete, your device will be patched against this vulnerability.