CVE-2025-24200
Apple iOS and iPadOS Incorrect Authorization Vulnerability
CVSS
—
Sin CVSS
EPSS
4.4%
p90
KEV
SÍ
12 feb 2025
Exploit Today
77
0-100
Publicado: — · Última mod.: —
4.4%EPSS · 30 días4.9%
2026-06-302026-07-17
Producto
Apple / iOS and iPadOS
Vulnerabilidad
Apple iOS and iPadOS Incorrect Authorization Vulnerability
Añadido a KEV
12 feb 2025
Remediar antes de
5 mar 2025
Uso conocido en ransomware
No
Descripción resumida
Apple iOS and iPadOS contains an incorrect authorization vulnerability that allows a physical attacker to disable USB Restricted Mode on a locked device.
Acción requerida
Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.
Notas
https://support.apple.com/en-us/122173 ; https://nvd.nist.gov/vuln/detail/CVE-2025-24200
CVECVSSEPSSKEVRExplotTítuloVis.
CVE-2021-30983—85.5%
KEV—76Apple iOS and iPadOS Buffer Overflow Vulnerability—CVE-2023-41974—69.6%
KEV—71Apple iOS and iPadOS Use-After-Free Vulnerability—CVE-2022-42827—62.9%
KEV—69Apple iOS and iPadOS Out-of-Bounds Write Vulnerability—CVE-2023-42824—57.0%
KEV—67Apple iOS and iPadOS Kernel Privilege Escalation Vulnerability—