Cybersecurity Threats Target Vulnerabilities in iOS, iPadOS, Mitel SIP Phones, and PAN-OS

Recent reports highlight alarming attacks on vulnerabilities found in iOS and iPadOS from Apple, Mitel SIP phones, and Palo Alto Networks' PAN-OS. IT professionals are urged to promptly install available updates to mitigate these security risks.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued warnings regarding cyberattacks exploiting weaknesses in iOS and iPadOS, specifically identified as CVE-2025-24200. Attackers with physical access to devices can exploit a flaw within the accessibility module, which affects USB access restrictions. Apple has addressed this vulnerability with updates released in iOS and iPadOS versions 18.3.1 and 17.7.5.

Additionally, since late January, there have been reports of cyberattacks targeting vulnerabilities in Mitel's SIP phones. The notorious Mirai botnet has been infiltrating susceptible devices, exploiting the CVE-2024-41710 vulnerability identified back in August 2024. CISA has cautioned administrators to implement timely updates to address this issue.

Furthermore, vulnerabilities within Palo Alto's PAN-OS have come to light, with one critical vulnerability, CVE-2025-0108, already having exploit code publicly available. The Shadowserver Foundation reported on Thursday that attacks exploiting this vulnerability were underway. By Friday, at least 19 unique IP addresses were identified as exploiting this flaw. Cybersecurity researchers from Greynose have also confirmed the observation of initial attacks targeting the PAN-OS vulnerability.

It is imperative for IT administrators to prioritize the installation of available security updates to safeguard their networks from these ongoing threats.