Bio

Michael Cowell is a cybersecurity engineer and researcher specialising in the iOS and macOS ecosystems with experience in the public and private sector.

Abstract

In this brief talk we'll discuss macOS user privacy protections and a logic bug in the PackageKit framework which leads to a complete SIP/TCC bypass ( CVE-2023-38609 ) on macOS Ventura. The talk will cover initial discovery, automating variant discovery and chaining with a patched privilege escalation to achieve unrestricted access from a regular user context.