Apple has since patched this exploit that was served under CVE-2025-31199 in March. Its important to note there have been other TCC issues previously reported and since also corrected. The purpose of posting this is to bring attention to the false pretense some may have the macOS is not vulnerable to being taken over with malware/ransomware. Users should remain vigilant with patches and security bulletins to remain safe.

​Since 2020, Apple has patched other TCC bypasses that exploit Time Machine mounts (CVE-2020-9771), environment variable poisoning (CVE-2020-9934), and a bundle conclusion issue (CVE-2021-30713). In the past, Microsoft security researchers have also discovered several other TCC bypasses, including powerdir (CVE-2021-30970) and HM-Surf, that could also be abused to gain access to users’ private data.

SA