A vulnerability in macOS allowed attackers to bypass TCC protections and access sensitive data via Spotlight plugins, leading to potential data leaks. Microsoft demonstrated an exploit called Sploitlight that could exfiltrate files and user information, emphasizing the threat of privilege abuse on Apple devices. #CVE-2025-31199 #Sploitlight
Keypoints
- A security flaw in macOS could let attackers access sensitive user data without proper authorization.
- The vulnerability was addressed in macOS Sequoia 15.4, iOS 18.4, and visionOS 2.4 updates.
- Microsoft created a proof-of-concept exploit named Sploitlight to demonstrate the misuse of Spotlight plugins.
- Attackers can manipulate Spotlight plugin files to exfiltrate confidential files and metadata.
- The flaw can also be exploited to leak data from linked Apple devices via iCloud accounts.
Read More: https://www.securityweek.com/sploitlight-macos-vulnerability-leaks-sensitive-information/