Microsoft security researchers have discovered a macOS exploit that can alter TCC permissions

Why it matters: Microsoft on Monday publicly disclosed a vulnerability in macOS that could be used to access or steal sensitive user data. The exploitation is facilitated by a loophole in the TCC framework. The TCC platform is part of macOS that allows users to control which applications can access users’ data, files, and components.

The Microsoft 365 Defender research team called the vulnerability (CVE-2021-30970) “powerdir” after an exploit created by Microsoft researcher Jonathan Bar Or. Microsoft notified Cupertino of the security breach in July 2021 Apple fixed the flaw in December with macOS 11.6 and 12.1.

“We discovered that it was possible to programmatically change the target user’s home directory and create a fake TCC database, which stores the approval history for application requests,” we explained. If exploited on unpatched systems, this vulnerability could allow a potentially malicious actor to orchestrate an attack based on protected personal user data. “

Microsoft security researchers discovered a file

Screen shots show which software grants or accesses the microphone and camera. However, TCC also maintains authorization for other components including screen recording, Bluetooth, location services, contacts, photos, and more.

While Microsoft created the software specifically for this task, any application could use the same technology to exploit the hole. The attacker needs full disk access to the TCC database, which can be granted through other methods. Once acquired, hackers can set or reset access permissions as they see fit.

Powerdir is the third TCC bypass to be found in the last two years. The other two (CVE-2020-9934 and CVE-2020-27937) were revealed and fixed in 2020. Another flaw (CVE-2021-30713) discovered last year across all Apple operating systems allowed attackers to arbitrarily control permissions, which is This allowed hackers to actively exploit it before it was patched in May.

  • Laurence Malcom

    "Wannabe internet buff. Future teen idol. Hardcore zombie guru. Gamer. Avid creator. Entrepreneur. Bacon ninja."

    Related Posts

    Perawatan dan Pengujian Pemutus Sirkuit: Jaminan Kinerja Andal

    Dalam dunia sistem kelistrikan dan distribusi daya, pemutus sirkuit berperan penting dalam melindungi peralatan, mencegah kecelakaan kelistrikan, dan menjamin keandalan kinerja sistem secara keseluruhan. Untuk mencapai fungsionalitas dan umur panjang…

    The Digital Transformation of Content Marketing Technology

    It’s common knowledge that modern technology is dramatically influencing company practices. In 2020, several businesses shifted to a digital-first approach, leading to a rise in digital advertising investment. The content…

    Leave a Reply

    Your email address will not be published. Required fields are marked *