{"id":48721,"date":"2025-07-31T16:46:43","date_gmt":"2025-07-31T20:46:43","guid":{"rendered":"https:\/\/mjtsai.com\/blog\/?p=48721"},"modified":"2025-07-31T16:46:43","modified_gmt":"2025-07-31T20:46:43","slug":"sploitlight","status":"publish","type":"post","link":"https:\/\/mjtsai.com\/blog\/2025\/07\/31\/sploitlight\/","title":{"rendered":"Sploitlight"},"content":{"rendered":"

Microsoft Threat Intelligence<\/a> (MacRumors<\/a>):<\/p>\n

Microsoft Threat Intelligence has discovered a macOS vulnerability that could allow attackers to steal private data of files normally protected by Transparency, Consent, and Control (TCC), such as files in the Downloads<\/em> folder, as well as caches utilized by Apple Intelligence. While similar to prior TCC bypasses like HM-Surf<\/a> and powerdir<\/a>, the implications of this vulnerability, which we refer to as “Sploitlight” for its use of Spotlight plugins, are more severe due to its ability to extract and leak sensitive information cached by Apple Intelligence, such as precise geolocation data, photo and video metadata, face and person recognition data, search history and user preferences, and more. These risks are further complicated and heightened by the remote linking capability between iCloud accounts, meaning an attacker with access to a user’s macOS device could also exploit the vulnerability to determine remote information of other devices linked to the same iCloud account.<\/p>

[…]<\/p>

On modern macOS systems, Spotlight plugins are not even permitted to read or write any file other than the one being scanned. However, we have concluded that this is insufficient, as there are multiple ways for attackers to exfiltrate the file’s contents.<\/p>

[…]<\/p>

Change the bundle’s Info.plist<\/em> and schema.xml<\/em> files to declare the file types they wish to leak in UTI<\/a> form. Since we assume an attacker runs locally, this is always possible to resolve, even for dynamic types.<\/p>

Copy the bundle into ~\/Library\/Spotlight<\/em> directory. Note the bundle does not need to be signed at all.<\/p><\/blockquote>\n\n

Sergiu Gatlan<\/a>:<\/p>\n

In recent years, Microsoft security researchers have found multiple other severe macOS vulnerabilities, including a SIP bypass dubbed ‘Shrootless<\/a>’ (CVE-2021-30892<\/a>), reported in 2021, which enables attackers to install rootkits on compromised Macs.<\/p>

More recently, they discovered a SIP bypass dubbed ‘Migraine’<\/a> (CVE-2023-32369<\/a>) and a security flaw named Achilles(<\/a>CVE-2022-42821<\/a>), which can be exploited to install malware using untrusted apps that bypass Gatekeeper execution restrictions.<\/p>

Last year, they reported another SIP bypass<\/a> flaw (CVE-2024-44243<\/a>) that lets threat actors deploy malicious kernel drivers by loading third-party kernel extensions.<\/p><\/blockquote>\n\n

Csaba Fitzl<\/a>:<\/p>\n

Apple failed to fix this so many times. I first reported this back in macOS Big Sur, and it’s literally detailed in my EXP-312 course in “Bypass TCC via Spotlight Importer Plugins”<\/p><\/blockquote>\n\n

Csaba Fitzl<\/a>:<\/p>\n

Then I reported it again and was fixed as CVE-2024-54533.<\/p>

Looks like it still wasn’t fixed properly.<\/p><\/blockquote>\n\n

See also: Howard Oakley<\/a>.<\/p>\n\n

Previously:<\/p>\n