Apple

TCC Bypass Vulnerability Exposes Sensitive iCloud Data on iOS and macOS

Jamf Threat Labs has uncovered a TCC bypass vulnerability that could have allowed malicious apps to access sensitive user data without triggering any notifications or prompting for consent on iOS and macOS devices.

Jamf Threat Labs recently discovered a significant vulnerability in Apple's iOS Transparency, Consent, and Control (TCC) subsystem on iOS and macOS that could allow malicious apps to access sensitive user data completely unnoticed without triggering any notifications or user consent prompts. The vulnerability, tracked as CVE-2024-44131, impacts the Files.app and FileProvider.framework system processes and exposes users' private information such as photos, GPS location, contacts, and health data. It may also allow potentially malicious apps access to a user's microphone and camera. This exploit can occur completely undetected.

#Apple

Latest News

xBloom

xBloom Studio: The Coffee Maker That Puts Science in Your Cup

3 months ago

HomeKit

Matter 1.4.1 Update: Daniel Moneta Discusses Future of Smart Home Interoperability on HomeKit Insider Podcast

3 months ago

Mac

OWC Unleashes Thunderbolt 5 Docking Station with 11 Ports for M4 MacBook Pro

3 months ago

Technology

Nomad Unveils Ultra-Slim 100W Power Adapter for On-the-Go Charging

3 months ago

iOS

iOS 19 Set to Debut Bilingual Arabic Keyboard and Virtual Calligraphy Pen for Apple Pencil

3 months ago

Apple

Big Tech Lawyers Accused of Encouraging Clients to Break the Law

3 months ago