New macOS vulnerability, "HM Surf", could lead to unauthorized data access

SUMMARY :

A new macOS vulnerability called 'HM Surf' has been discovered that could allow attackers to bypass the Transparency, Consent, and Control (TCC) technology and gain unauthorized access to protected user data. The exploit involves removing TCC protection for the Safari browser directory and modifying configuration files to access browsed pages, camera, microphone, and location without user consent. Apple has released a fix for this vulnerability (CVE-2024-44133) in macOS Sequoia. Microsoft Defender for Endpoint can detect and block exploitation attempts. The vulnerability affects Safari, which has powerful TCC entitlements. Third-party browsers are not directly impacted but could be vulnerable to similar attacks. Adload, a prevalent macOS threat, has been observed potentially exploiting this vulnerability.

OPENCTI LABELS :

macos,vulnerability,adload,safari,cve-2024-44133,tcc bypass,hm surf,browser security,privacy


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


New macOS vulnerability, "HM Surf", could lead to unauthorized data access