Back to directory

WRITEUP #1567

CVE-2022-22655 - TCC - Location Services Bypass

OtherMacOSTCC bypass

by@theevilbit(Csaba Fitzl)

Program

Apple (macOS)

Published

Feb 13, 2023

Added to HackDex

Feb 16, 2023

Read Full Writeuphttps://theevilbit.github.io/posts/cve-2022-22655/

▸ RELATED WRITEUPS

CVE-2023-42929: Why do we need the App Container Protection

OtherTCC bypass

Data Theft in Salesforce: Manipulating Public Links

OtherSOQL injection

Zero-Click Calendar invite — Critical zero-click vulnerability chain in macOS

RCEArbitrary file write

When Certificates Fail: A Story of Bypassed MFA in Remote Access

Other2FA / MFA bypass

SSTI in Bug Bounty Program: The Time I Played with Handlebars and Broke Stuff

Built with ❤️ by Shubham Rawat