Primary

Context

Apple TCC Permission Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Patched

A permissions vulnerability in the TCC (Transparency, Consent, and Control) framework was identified, allowing apps to access sensitive user data without proper authorization. This issue affects multiple Apple platforms, including iOS 17, iPadOS 17, and macOS Sonoma 14. The vulnerability arises from inadequate permissions checks, which could enable unauthorized data access.

Impact

Exploitation of this vulnerability could lead to unauthorized access to sensitive user data, such as location information or private calendar details, depending on the specific context in which the vulnerability is exploited.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

8.4

impact

2.5

exploitability

4.4

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

0.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Apple TCC Permission Vulnerability Allowing Access to Sensitive User Data

Vulnerability

Impact

Affected Products

Apple iOS

Apple macOS Sonoma

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating