On 24 May 2021, Apple released patches for three vulnerabilities that the company says may have been actively exploited. Researchers released a separate report on one of the fixed flaws in macOS saying malicious actors have been leveraging this vulnerability. We recommend patching as soon as possible.
- Apple’s patches on 24 May have fixed two flaws (tracked as CVE-2021-30663 and CVE-2021-30665) that impact WebKit on Apple TV 4K and Apple TV HD devices, and one, tracked as CVE-2021-30713, that impacts macOS Big Sur devices.
- CVE-2021-30713 is a default permission issue found in the Transparency, Consent, and Control (TCC) framework, a macOS subsystem that blocks installed apps from accessing sensitive user information.
- Threat actors could exploit this vulnerability by crafting a malicious application to bypass Privacy preferences of a user. They could then gain full disk access, screen recording, or other permissions without requiring the user’s explicit consent.
- According to researchers, XCSSET malware has been using this flaw to hijack other apps’ permissions for the purpose of taking screenshots of a victim’s desktop.
- We recommend updating your device as soon as possible as actively exploited flaws present a high risk to unpatched devices.
- Unpatched CVE-2021-30713 could allow threat actors to take screenshots, extract files, and record audio on victims’ computers.
- Go to Apple menu, then click Software Update to check for updates.