Apple has addressed a critical flaw in its iOS and macOS systems that could bypass the Transparency, Consent, and Control framework to allow attackers to gain unauthorized access to sensitive user data, TheHackerNews reports.The vulnerability, tracked as CVE-2024-44131, was discovered in the FileProvider component and has been fixed in iOS 18, iPadOS 18, and macOS Sequoia 15 through improved validation of symbolic links. It enabled malicious apps to exploit elevated privileges of the fileproviderd daemon to intercept and manipulate file operations performed in the Files app. By inserting symlinks during file transfers, attackers could redirect or access sensitive files, including iCloud backup data, Health data, and media files, without triggering user notifications. The technique undermined the TCC framework, which regulates app permissions for accessing sensitive data such as contacts and location. Although the flaw does not compromise all data types -- some remain protected by UUIDs or specific API restrictions -- it exposes a significant gap in Apple’s access control enforcement.
Vulnerability Management, Patch/Configuration Management, Threat Intelligence
Apple patches TCC bypass vulnerability

(Photo by Greg Baker /AFP via Getty Images)
Related Events
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
You can skip this ad in 5 seconds



