A recently patched macOS vulnerability, CVE-2025-31199, can be exploited to bypass security checks and steal sensitive user information, including Apple Intelligence data. Microsoft security researchers have revealed that attackers can leverage Spotlight plugins to access private files and remotely linked device data. #CVE202531199 #Sploitlight #AppleIntelligence #Spotlight #macOSVulnerability
Keypoints
- The CVE-2025-31199 flaw allows attackers to bypass macOS TCC security checks using Spotlight plugins.
- This vulnerability can expose sensitive data such as geolocation, photos, videos, and user activity.
- Apple has released patches in macOS Sequoia 15.4 to fix this security issue and improve data redaction.
- Previous TCC bypasses have included issues like powerdir, HM-Surf, and SIP bypass flaws such as βShrootlessβ and βMigraineβ.
- Attacks exploiting this vulnerability could potentially link and access remote information across linked iCloud devices.