GIMP
cpe:2.3:a:gimp:gimp:*:*:*:*:*:*:*
- < 3.1.4.2
A vulnerability in the macOS version of GIMP allows local users to bypass Transparency, Consent, and Control (TCC) permissions. The application bundles a Python interpreter that inherits the TCC permissions granted to the main application. An attacker with local user access can use this interpreter to execute arbitrary commands or scripts and access files in privacy-protected folders without triggering user prompts. The vulnerability relies on TCC permissions previously granted to the application. When access goes beyond those permissions, the user is prompted for approval in the name of GIMP, which can disguise malicious intent. The issue has been fixed in GIMP version 3.1.4.2.
Exploitation of this vulnerability allows for a TCC bypass, enabling unauthorized access to privacy-protected files and resources on the user's system. This could lead to unauthorized data access or manipulation, depending on the nature of the accessed files.
To reproduce this vulnerability, a local user must invoke the Python interpreter bundled with GIMP on macOS. This can be done by executing scripts or commands through the interpreter. The GIMP application must have been granted TCC permissions by the user, allowing the interpreter to access files in privacy-protected folders without prompting for permission. Once the interpreter is invoked, it can be used to access sensitive files, exploiting the TCC bypass.
Users can update to GIMP version 3.1.4.2 or later to address this vulnerability.
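A defender-side audit for the condition described above, as an added example that is not code from the advisory or from the GIMP project: it reads an app bundle's version, lists executable files named like a Python interpreter, and flags the bundle when it is older than the fixed release. Assumptions: the version is read from `CFBundleShortVersionString` in `Contents/Info.plist`, interpreters are matched by file name only, and the `Sample.app` layout is a constructed fixture rather than GIMP's real bundle layout.

```python
import os
import plistlib
import tempfile
from pathlib import Path

FIXED_VERSION = "3.1.4.2"           # fixed release named in the advisory
INTERPRETER_PREFIXES = ("python",)  # assumption: match bundled interpreters by file name

def parse_version(text, width=4):
    """'3.1.4' -> (3, 1, 4, 0); non-numeric components count as 0."""
    parts = [int(p) if p.isdigit() else 0 for p in text.split(".")]
    return tuple(parts + [0] * (width - len(parts)))

def bundled_interpreters(app):
    """Relative paths of executable files in the bundle named like an interpreter."""
    hits = []
    for root, _dirs, files in os.walk(app):
        for name in files:
            path = Path(root) / name
            if name.lower().startswith(INTERPRETER_PREFIXES) and os.access(path, os.X_OK):
                hits.append(path.relative_to(app).as_posix())
    return sorted(hits)

def audit_app(app):
    """Report one .app bundle; None when it has no Contents/Info.plist."""
    plist = Path(app) / "Contents" / "Info.plist"
    if not plist.is_file():
        return None
    with plist.open("rb") as fh:
        version = str(plistlib.load(fh).get("CFBundleShortVersionString", "0"))
    found = bundled_interpreters(app)
    outdated = parse_version(version) < parse_version(FIXED_VERSION)
    return {"version": version, "interpreters": found,
            "needs_update": bool(found) and outdated}

def make_sample_bundle(parent, version):
    """Constructed fixture (not GIMP's real layout): Sample.app with a stub python3."""
    app = Path(parent) / "Sample.app"
    (app / "Contents" / "MacOS").mkdir(parents=True)
    with (app / "Contents" / "Info.plist").open("wb") as fh:
        plistlib.dump({"CFBundleShortVersionString": version}, fh)
    stub = app / "Contents" / "MacOS" / "python3"
    stub.write_text("#!/bin/sh\n")
    stub.chmod(0o755)
    return app

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(audit_app(make_sample_bundle(tmp, "3.1.4")))
```

On a real system, pass `audit_app` the path of the installed GIMP bundle; a result with `needs_update` set means the update in the advisory has not been applied.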