CVE-2024-54527: New TCC Bypass Vulnerability in macOS
/ 1 min read
🧩 New TCC Bypass Vulnerability Discovered in macOS: CVE-2024-54527. A recently identified vulnerability in macOS, designated CVE-2024-54527, allows attackers to bypass the Transparency, Consent, and Control (TCC) protections by exploiting an XPC service with powerful entitlements. The flaw arises when an unsandboxed XPC client connects to the service, enabling the loading of malicious plugins from unprotected locations. Although Apple has introduced security measures in macOS Ventura and later versions, including Launch Constraints and Hardened Runtime, the vulnerability was still present until recently. The timeline of the discovery and Apple’s response indicates ongoing investigations and improvements, culminating in the assignment of the CVE identifier in January 2024. Further details on the exploit and mitigation strategies are discussed in the article.
