Cybersecurity firm XM Cyber has demonstrated a macOS attack technique that allows a standard, non-administrative user account to silently disable enterprise endpoint security tools, including EDR and MDM agents, without triggering alerts or requiring kernel exploits.
Some of the underlying primitives, including the abuse of weakly validated XPC connections and the injection of malicious payloads into application Interface Builder (NIB) files, have been publicly documented by security researchers for years and partially addressed by Apple.
However, the research introduces a novel chain that exploits the persistence of the kernel’s code-signing trust cache after a legitimately signed application executes, allowing an attacker to inject a malicious payload that impersonates a trusted app component and silently invokes privileged XPC methods.
The cybersecurity company noted that the attack technique abuses legitimate macOS behavior rather than software vulnerabilities.
The technique was successfully demonstrated against CrowdStrike Falcon Sensor, which was fully unloaded from a standard user account, and against Kandji MDM, which was permanently deactivated via a two-stage chain. The Kandji exploit cleared the EDR guards and terminated the Endpoint Security Framework extension, XM Cyber said.
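The weakly validated XPC connections mentioned above are the part a vendor can fix directly: a privileged helper must verify the code identity of every connecting client before exporting its interface. The following added example, not XM Cyber's or any vendor's code, shows a hardened NSXPCListener delegate; the bundle identifier "com.example.agent", the Team ID "ABCDE12345" and the HelperProtocol methods are placeholders.

```swift
import Foundation
import Security

// Placeholder privileged interface; a real agent would expose its own methods.
@objc protocol HelperProtocol {
    func privilegedOperation(reply: @escaping (Bool) -> Void)
}

final class Helper: NSObject, HelperProtocol {
    func privilegedOperation(reply: @escaping (Bool) -> Void) { reply(true) }
}

final class HelperListenerDelegate: NSObject, NSXPCListenerDelegate {
    // Designated requirement for the only client allowed to talk to this helper:
    // Apple-issued certificate chain, a specific bundle identifier and a specific Team ID.
    // Checking only "anchor apple generic" (or nothing at all) is the weak validation
    // that lets any signed process impersonate a trusted component.
    private let requirement =
        "anchor apple generic and identifier \"com.example.agent\" " +
        "and certificate leaf[subject.OU] = \"ABCDE12345\""

    func listener(_ listener: NSXPCListener,
                  shouldAcceptNewConnection newConnection: NSXPCConnection) -> Bool {
        if #available(macOS 13.0, *) {
            // Preferred: the system enforces the requirement on every message, so there is
            // no window between the check and the first call.
            newConnection.setCodeSigningRequirement(requirement)
        } else {
            // Fallback for older systems: validate the peer's running code object ourselves.
            // A PID lookup can race with PID reuse, which is why the API above is preferred.
            guard peerSatisfiesRequirement(pid: newConnection.processIdentifier) else {
                return false
            }
        }
        newConnection.exportedInterface = NSXPCInterface(with: HelperProtocol.self)
        newConnection.exportedObject = Helper()
        newConnection.resume()
        return true
    }

    private func peerSatisfiesRequirement(pid: pid_t) -> Bool {
        var code: SecCode?
        let attrs = [kSecGuestAttributePid: pid] as CFDictionary
        guard SecCodeCopyGuestWithAttributes(nil, attrs, [], &code) == errSecSuccess,
              let peer = code else { return false }
        var req: SecRequirement?
        guard SecRequirementCreateWithString(requirement as CFString, [], &req) == errSecSuccess,
              let designated = req else { return false }
        // Dynamic validity check of the live process against the designated requirement.
        return SecCodeCheckValidity(peer, [], designated) == errSecSuccess
    }
}
```

Pairing the requirement with a hardened runtime and library validation on the client side is what keeps an injected payload inside the trusted app's process from satisfying the check.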