Jamf Threat Labs has released a report detailing a vulnerability in iOS and macOS that’s been assigned CVE-2024-44131.
The vulnerability is in the Transparency, Consent, and Control (TCC) subsystem and the researchers show how it can be exploited to allow malicious access to sensitive information stored in iCloud. Jamf reported its findings to Apple, who patched the issue in iOS 18 and macOS 15…the two updates that rolled out support for Apple Intelligence.
Across Apple’s ecosystem of operating systems, Transparency, Consent, and Control (TCC) serves as a crucial security framework, prompting users to grant or deny requests from individual apps to access sensitive data such as photos, contacts, and location details. A TCC bypass vulnerability occurs when this control fails, allowing an application to access private information without the user’s consent or knowledge.
Michael Covington, vice president of Portfolio Strategy at Jamf, is warning that wariness around Apple Intelligence may be preventing some organizations from applying the latest operating systems updates, which leaves this attack vector open for exploitation. Should this TCC bypass vulnerability be successfully exploited on an unpatched device, users could unwittingly have their sensitive data accessed by another application (including any malicious applications) on their device, he says.
In the report, the Jamf Threat Labs team delves into why the vulnerability matters, how TCC bypass works, what data is at risk, results of successful exploitation, and a proof-of-concept demonstration of the vulnerability, emphasizing the need for enterprises to have a comprehensive security strategy surrounding mobile devices.
Article provided with permission from AppleWorld.Today