Microsoft has described a vulnerability in macOS that could allow an attacker to bypass built-in technology controls and gain access to users’ protected data. This issue, dubbed “powerdir”, affects the Transparency, Consent and Control (TCC) system, which has been available since 2012 to help users configure their apps’ privacy settings. It can allow attackers to hijack an existing app installed on a Mac computer or install their own app and access hardware, including microphone and camera, to gain user data.
As described in a blog post, the macOS vulnerability can be exploited by bypassing TCC to target users’ sensitive data. Notably, Apple has fixed the bug in the macOS Monterey 12.1 update released last month. It has also been fixed via the macOS Big Sur 11.6.2 release for older hardware. However, devices running an older macOS version are still vulnerable.
Apple uses TCC to help users configure privacy settings, such as access to the device’s camera, microphone, and location, as well as services such as calendar and iCloud account. The technology is available for access through the Security and privacy section in System Preferences.
In addition to TCC, Apple uses a feature designed to prevent systems from executing unauthorized code and enforce a policy that restricts access to TCC to only apps with full disk access. However, an attacker could change a target user’s home directory and install a fake TCC database to obtain the permission history of app requests, Microsoft security researcher Jonathan Bar Or said in the blog post.
“If this vulnerability is exploited on unpatched systems, a malicious actor could potentially orchestrate an attack based on the user’s protected personal data,” the researcher said.
Microsoft researchers also developed a proof-of-concept to demonstrate how the vulnerability can be exploited by changing the privacy settings of a particular app.
Apple has acknowledged the efforts of the Microsoft team in its security document. The vulnerability has been identified as CVE-2021-30970.
Check out the latest from the Consumer Electronics Show on Gadgets 360, at our CES 2022 hub.