One Article Review
| Source |  Cyble |
|---|---|
| Identifiant | 8648036 |
| Date de publication | 2025-02-11 12:46:32 (vue: 2025-02-11 13:08:10) |
| Titre | Cyber Security Agency of Singapore Alerts Users on Active Exploitation of Zero-Day Vulnerability in Apple Products |
| Texte | 
Overview
The Cyber Security Agency of Singapore (CSA) has recently issued a warning regarding the active exploitation of a zero-day vulnerability (CVE-2025-24200) in a range of Apple products. This critical vulnerability is being actively targeted, and Apple has released timely security updates to address the issue. If exploited, the vulnerability could allow attackers to bypass certain security features and gain unauthorized access to sensitive data through USB connections.
The vulnerability, identified as CVE-2025-24200, affects various Apple devices, including iPhones and iPads. Specifically, the issue lies in the USB Restricted Mode, a security feature designed to prevent unauthorized access to a device\'s data when it is locked. A successful attack could disable this mode, allowing an unauthenticated attacker to access the device\'s data via a USB connection, even if the device is locked.
This flaw has been dubbed a "zero-day vulnerability," as it was discovered and actively exploited before a patch or security fix was made available. Apple has moved quickly to resolve the issue with new security updates released on February 10, 2025.
Affected Apple Products
|
| Notes | ★★★★ |
| Envoyé | Oui |
| Condensat | 013 1024x512 1st 2025 24200 2nd 300x150 3rd 5th 6th 7th access acknowledged action active actively address addressed administrators advised advises advisories/alerts/al affected affects against agency air alerts allow allowing also apple applied are attack attacker attackers attacks authorization automatic available been before being blogs breaches but bypass can caption= certain com/en com/wp comprehensive conclusion connection connections constant contain content/uploads/2025/02/cyble could critical csa cve cyber cybersecurity data day delay designed details device devices disable discovered dubbed enable encouraged ensure environments especially even explained exploitation exploited exploiting feature features february file= fix flaw following: future gain general generation gov has have high highlights https://cyble https://support https://www identified image immediate immediately importance improved inch incident included including indicate individuals informed infrastructure ios ipad ipados ipads iphone iphones issue issued jpg large later latest lead lies locked made maintaining management may medium mini mitigate mobile mode models monitoring moved navigating need new notes now official overview particularly patch patches practices prevent privacy pro proactive products protect quickly range recently references regarding reinforcing release released remain resolve response restricted result risk secure security sensitive settings severity sg/alerts singapore software specific specifically state stay strategies strong strongly successful such surrounding take targeted targeting these those threats through timely title= unauthenticated unauthorized update updates updating urges us/122173 us/122174 usb users vague various apple versions vigilance vulnerabilities vulnerability warning well when which wide without zero |
| Tags | Vulnerability Threat Mobile |
| Stories | |
| Move | 
|
L'article ne semble pas avoir été repris aprés sa publication.
L'article ne semble pas avoir été repris sur un précédent.