January 13, 2022
A vulnerability allowed the manipulation of privacy settings on macOS systems. With macOS update 12.1, Apple has patched this and other vulnerabilities.
Microsoft has reported on the macOS vulnerability CVE-2021-30970, which has already been fixed in the latest macOS Monterey update 12.1 of December 13, 2021. The vulnerability is found in Apple’s TCC (Transparency, Consent and Control) technology, which was introduced in 2012 with the Mac OS X version Mountain Lion. TCC allows users to manage their apps’ privacy settings, including access to the camera, microphone, location and iCloud calendar. Apps for which Full Disk Access is allowed can also manipulate the TCC database.
According to Microsoft, the mechanism can be bypassed by changing the user’s home directory and injecting a fake TCC database. After that, an attacker could, for example, abuse an app on the device to spy on video and audio data from the camera and microphone. Microsoft demonstrated the exploit using Teams as an example. (ubi)