macOS Sploitlight flaw leaks Apple Intelligence data
Attackers could use a recently patched macOS vulnerability to bypass Transparency, Consent, and Control (TCC) security checks and steal sensitive user information, including Apple Intelligence cached data.
TCC is a security technology and a privacy framework that blocks apps from accessing private user data by providing macOS control over how their data is accessed and used by applications across Apple devices.
Apple has fixed the security flaw tracked as CVE-2025-31199 (reported by Microsoft’s Jonathan Bar Or, Alexia Wilson, and Christine Fossaceca) in patches released in March for macOS Sequoia 15.4 with “improved data redaction.”
While Apple restricts TCC access only to apps with full disk access and automatically blocks unauthorized code execution, Microsoft security researchers found that attackers could use the privileged access of Spotlight plugins to access sensitive files and steal their contents.
They showed in a report published today that the vulnerability (named Sploitlight and described by Apple as a “logging issue”) could be exploited to harvest valuable data, including Apple Intelligence-related information and remote information of other iCloud account-linked devices.
This includes, but is not limited to, photo and video metadata, precise geolocation data, face and person recognition data, user activity and event context, photo albums and shared libraries, search history and user preferences, as well as deleted photos and videos.

Since 2020, Apple has patched other TCC bypasses that exploit Time Machine mounts (CVE-2020-9771), environment variable poisoning (CVE-2020-9934), and a bundle conclusion issue (CVE-2021-30713). In the past, Microsoft security researchers have also discovered several other TCC bypasses, including powerdir (CVE-2021-30970) and HM-Surf, that could also be abused to gain access to users’ private data.
“While similar to prior TCC bypasses like HM-Surf and powerdir, the implications of this vulnerability, which we refer to as ‘Sploitlight’ for its use of Spotlight plugins, are more severe due to its ability to extract and leak sensitive information cached by Apple Intelligence, such as precise geolocation data, photo and video metadata, face and person recognition data, search history and user preferences, and more,” Microsoft said on Monday.
“These risks are further complicated and heightened by the remote linking capability between iCloud accounts, meaning an attacker with access to a user’s macOS device could also exploit the vulnerability to determine remote information of other devices linked to the same iCloud account.”
In recent years, Microsoft security researchers have found multiple other severe macOS vulnerabilities, including a SIP bypass dubbed ‘Shrootless’ (CVE-2021-30892), reported in 2021, which enables attackers to install rootkits on compromised Macs.
More recently, they discovered a SIP bypass dubbed ‘Migraine’ (CVE-2023-32369) and a security flaw named Achilles (CVE-2022-42821), which can be exploited to install malware using untrusted apps that bypass Gatekeeper execution restrictions.
Last year, they reported another SIP bypass flaw (CVE-2024-44243) that lets threat actors deploy malicious kernel drivers by loading third-party kernel extensions.