Sploitlight: macOS Vulnerability Leaks Sensitive Information
securityweek
A vulnerability in macOS could have allowed attackers to bypass Apple’s Transparency, Consent, and Control (TCC) protections and access sensitive information, Microsoft says.
Tracked as CVE-2025-31199 and described as a logging issue, the flaw was addressed in March 2025 with the release of macOS Sequoia 15.4, iOS 18.4 and iPadOS 18.4, and visionOS 2.4.
“An app may be able to access sensitive user data. A logging issue was addressed with improved data redaction,” Apple’s advisory explains.
Microsoft, which reported the security defect, built a proof-of-concept (PoC) exploit named Sploitlight to demonstrate how Spotlight plugins, which are called importers, can be used to leak sensitive user information and file contents.
Spotlight is a built-in macOS application that indexes content on a device so users can find it quickly. It relies on importer plugins for further indexing and consumes data from index files saved locally.
Apple ...
Copyright of this story solely belongs to securityweek.