Forgot password?

Powerdir vulnerability found within MacOS

Threat Intelligence from DigitalXRAID’s Security Operations Centre analysts:

DigitalXRAID’s Security Operations Centre Analysts have been notified that research analysts from Microsoft have discovered a new vulnerability within MacOS, named “powerdir”. So far, it’s understood that this vulnerability could allow threat actors to bypass the system’s Transparency, Consent and Control (TCC) technology, gaining unauthorised access to a user’s protected data. 

Read more about the CVE detail: CVE-2021-30970 

The CVSS (Common Vulnerability Scoring System) Severity score has been rated as: 5.5

Introduced in 2012, TCC is designed to help users configure privacy settings on their applications, such as camera and microphone access. To secure TCC, Apple ensured unauthorised code execution was prevented and TCC was only accessed by applications with full disk access. Researchers found it is possible to plant a fake TCC database by changing a target’s home directory. This stores the history of consent requests, which could then allow a threat actor access to protected data, for example the user’s iCloud account, microphone or camera. 

This vulnerability affects MacOS Monterey and Big Sur and was patched as part of security updates released on December 13, 2021. It is recommended to ensure these security updates are applied as soon as possible. This issue is fixed in macOS Monterey 12.1, macOS Big Sur 11.6.2. 

Further information can be found on Microsoft’s security blog, here. 

If you believe you’re under attack or discover that you’ve suffered a breach and need help urgently, get in contact with us. You can call our emergency line on 0800 066 4509 to speak to one of our experts. They’re available 24 hours a day, 7 days a week. Bookmark this page in case you ever need us.  

If you need any support in mitigating any risks this vulnerability may have on your business, please don’t hesitate to get in contact 

Share this post:

Cyber Security Experts

Accredited and regulated, we're in the top 1% of cyber security agencies globally

Crown Commercial Service Supplier Cyber Essentials Plus ISO 27001 BSI ISO 9001 CHECK NCSC Cyber Incident Response CREST

We’re trusted by the UK Government as Crown Commercial Service providers as well as being accredited by two of the leading cyber security governing bodies. Our ISO9001 certification means you can rest assured our processes and approach are market leading.

Protect Your Business & Your Reputation.

With a continued focus on security, you can rest assured that breaches and exploits won't be holding you back.

Speak To An Expert

Threat Intelligence: Powerdir vulnerability found within MacOS

Get In Touch

[contact-form-7 id="5" title="Contact Us Form"]