PT-2024-7437 · Apple · Apple Macos
Jonathan Bar Or +1 · Published 2024-09-16 · Updated 2026-01-08 · CVE-2024-44133
CVSS v3.1: 5.5 (Medium)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
Name of the Vulnerable Software and Affected Versions
macOS versions prior to Sequoia 15
Description
macOS contains an access control deficiency that may allow an attacker to bypass privacy settings. Microsoft discovered the flaw, dubbed "HM Surf", in Apple's macOS TCC framework. It bypasses the Transparency, Consent, and Control (TCC) technology specifically for the Safari browser: attackers can manipulate Safari's configuration files to gain access to sensitive data, such as location, camera, and microphone, without user permission. Malicious apps can therefore access user data without consent, potentially leading to severe privacy breaches.
The issue was addressed by removing the vulnerable code in macOS Sequoia 15. Microsoft Defender for Endpoint detects exploitation attempts, including anomalous modification of the Preferences file.
Recommendations
Update to macOS Sequoia 15 or later.
Exploit
Fix
Improper Access Control
Weakness Enumeration
Related Identifiers
Affected Products
Apple Macos