Apple Disk-O Party - Vulnerabilities in macOS Disk Management Systems
BSides Budapest IT Security Conference via YouTube
Overview
Explore four critical disk-related vulnerabilities in Apple systems through this comprehensive security conference talk from BSides Budapest 2025. Dive deep into the workings of the diskarbitrationd system daemon, examining its preventive measures before uncovering sandbox escape and full TCC (Transparency, Consent, and Control) bypass vulnerabilities that impact this crucial system component. Learn about diskutil and storagekitd tools, understanding their functions and potential security implications, then discover multiple vulnerabilities including additional TCC bypasses and privilege escalation techniques. Examine how Disk Utility, diskutil's more powerful counterpart, can be exploited to escalate privileges from admin to root when GUI access is available, particularly relevant for scenarios involving unattended workstations. Gain practical insights into Apple's disk management security architecture and the various attack vectors that can compromise system integrity through disk-related services and utilities.
Syllabus
Apple Disk-O Party #BSidesBUD2025
Taught by
BSides Budapest IT Security Conference