Why it matters: On Monday, Microsoft publicly disclosed a vulnerability in macOS that could be used to access or exfiltrate sensitive user data. The exploit is facilitated by a flaw in the Transparency, Consent, and Control (TCC) framework. TCC is the part of macOS that lets users control what apps can access users’ data and components.
The Microsoft 365 Defender Research Team dubbed the vulnerability (CVE-2021-30970) “powerdir,” after the software exploit created by Microsoft researcher Jonathan Bar Or. Microsoft notified Cupertino of the security flaw in July 2021. Apple patched the flaw in December with macOS 11.6 and 12.1.
“We found that it’s possible to programmatically change a target user’s home directory and plant a fake TCC database, which stores the consent history of app requests,” explained Or. “If exploited on unpatched systems, this vulnerability could allow a malicious actor to potentially orchestrate an attack based on the user’s protected personal data.”
Screenshots show the program granting Or access to both the microphone and camera. However, TCC also maintains permissions for other components, including screen recording, Bluetooth, location services, contacts, photos, and more.
While Microsoft created the software specifically for this task, any app could use the same technique to exploit the hole. The attacker needs full disk access to the TCC database, which could be granted through other methods. Once gained, hackers can assign or reassign access permissions as they please.
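A defender-side check for the technique described above, as an added example that is not part of the original article or Microsoft's research: it flags accounts whose home directory no longer matches a recorded baseline and notes whether a TCC.db sits under the new location. The baseline format, function names and sample accounts are assumptions constructed for illustration; on a real Mac the current values would come from the directory service.

```python
import os
import tempfile

# Per-user TCC database location relative to a home directory (macOS).
TCC_REL = os.path.join("Library", "Application Support", "com.apple.TCC", "TCC.db")

def audit_home_dirs(baseline, current):
    """Compare recorded home directories against current ones.

    baseline/current: dict of username -> home directory path.
    Returns (user, old_home, new_home, tcc_db_present) for every account
    whose home directory differs from the baseline. Accounts missing from
    the baseline are out of scope for this check and are skipped.
    """
    findings = []
    for user, new_home in sorted(current.items()):
        old_home = baseline.get(user)
        if old_home is None:
            continue
        if os.path.realpath(old_home) == os.path.realpath(new_home):
            continue
        planted = os.path.isfile(os.path.join(new_home, TCC_REL))
        findings.append((user, old_home, new_home, planted))
    return findings

def build_demo():
    """Constructed sample data: two accounts, one with a relocated home."""
    root = tempfile.mkdtemp()
    homes = {n: os.path.join(root, n) for n in ("alice", "bob", "relocated")}
    for path in homes.values():
        os.makedirs(os.path.join(path, os.path.dirname(TCC_REL)))
    # Only the relocated directory carries a TCC.db in this sample.
    open(os.path.join(homes["relocated"], TCC_REL), "wb").close()
    baseline = {"alice": homes["alice"], "bob": homes["bob"]}
    current = {"alice": homes["alice"], "bob": homes["relocated"]}
    return baseline, current

if __name__ == "__main__":
    for user, old, new, planted in audit_home_dirs(*build_demo()):
        flag = "TCC.db present in new home" if planted else "no TCC.db in new home"
        print(f"{user}: home changed {old} -> {new} ({flag})")
```

A changed home directory is not malicious on its own; the finding is a prompt to review who changed it and which consent entries the database under the new path contains.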
Powerdir is the third TCC bypass found in the last couple of years. The other two (CVE-2020-9934 and CVE-2020-27937) were disclosed and patched in 2020. Another flaw (CVE-2021-30713), found last year in all Apple operating systems, allowed attackers arbitrary control over permissions; hackers actively exploited it before it was fixed in May.