Tracked as CVE-2021-30970, the new security error, which Microsoft calls powerdir, allows an attacker to bypass the platform’s Transparency, Consent, and Control (TCC) technology and “potentially orchestrate an attack based on the user’s protected personal data.”
Introduced in 2012, TCC is meant to help users configure the privacy settings in their applications, including access to features such as microphone, camera, location, calendar, and more. Users can access these settings under System Preferences > Security & Privacy > Privacy.
