
macOS XPC flaw allows standard users to disable EDR and MDM tools

Category: vulnerability | Status: open | Jun 24, 2026 — Jun 25, 2026
macOS XPC flaw lets standard users disable EDR and MDM tools.

A newly disclosed macOS vulnerability lets standard users turn off EDR and MDM tools without admin rights, according to reporting by Infosecurity Magazine. Discovered by XM Cyber, the flaw resides in the XPC inter‑process communication mechanism and has been assigned CVE-2026-39118 with a CVSS score of 8.4.

The issue stems from how macOS validates trust for XPC services, allowing a low‑privilege process to impersonate a trusted component and invoke privileged functions, as detailed in SecurityWeek. Because the affected services do not authenticate their caller, an attacker running as a standard user can send crafted XPC messages that disable security agents such as CrowdStrike Falcon or Kandji MDM. The technique needs no kernel exploit and leaves minimal forensic traces.

Researchers demonstrated the attack against both CrowdStrike and Kandji, showing that the trust cache can be manipulated to accept malicious code as legitimate, according to DarkReading. Kandji has issued a patch, whereas CrowdStrike has so far released detection signatures rather than a fix. Apple has not yet released a system‑wide update.

To date no threat‑actor group has been linked to active exploitation of the bug, and it is not listed in the Known Exploited Vulnerabilities catalogue. However, the ease with which standard accounts can silence endpoint defenses makes it an attractive technique for post‑intrusion operations. XM Cyber plans to publish an open‑source scanner called XPC Hunter to help defenders spot similar trust‑boundary weaknesses, with a debut slated for Black Hat USA in August 2026.

Administrators should apply the Kandji patch immediately and watch XPC activity in the unified log for connections to security‑agent Mach services from binaries running under standard user accounts. Any custom XPC service should verify the identity of its peer on every connection, using the connection's own code‑signing information (identifier and signing team) rather than a process ID, which can be reused between the check and the privileged action. Application‑control policies that block unsigned binaries or altered trust‑cache entries further reduce risk. Security teams can also deploy the detection rules released by CrowdStrike to flag attempts to disable Falcon or other agents.

Until Apple addresses the underlying validation gap, layering host‑based intrusion detection with regular inventory of privileged XPC endpoints remains the most effective mitigation. Staying current with third‑party security‑agent updates and reviewing entitlements will help prevent abuse of this trust‑boundary flaw.
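The caller-identity check recommended above, as an added example written for this page rather than code from XM Cyber, Apple, CrowdStrike or Kandji: a launchd Mach service that pins every XPC peer to a code-signing requirement (bundle identifier plus signing team) before it will act on a privileged "disable" command. The service name com.example.edr.agent, the console identifier com.example.edr.console, the team ID ABCDE12345 and the command vocabulary are all hypothetical; the libxpc call used, xpc_connection_set_peer_code_signing_requirement, is public API from macOS 12 onward.

```objective-c
// Added example, not vendor code. Build: clang -fobjc-arc -framework Foundation agent.m -o agent
// Run as a launchd daemon whose plist registers com.example.edr.agent under MachServices.
#import <Foundation/Foundation.h>
#import <xpc/xpc.h>
#include <string.h>

// Code Signing Requirement Language. Pinning both the identifier and the
// team ID (subject.OU of the leaf certificate) means an ad-hoc or
// differently signed binary run by a standard user cannot satisfy it.
// Both values are hypothetical placeholders.
static const char *kPeerRequirement =
    "anchor apple generic"
    " and identifier \"com.example.edr.console\""
    " and certificate leaf[subject.OU] = \"ABCDE12345\"";

static BOOL gProtectionEnabled = YES;

// Handles messages from one already-accepted peer. libxpc evaluates the
// requirement against the peer's audit token on every message; a peer that
// fails it never reaches the command dispatch below.
static void handle_peer_event(xpc_connection_t peer, xpc_object_t event) {
    xpc_type_t type = xpc_get_type(event);
    if (type == XPC_TYPE_ERROR) {
        if (event == XPC_ERROR_PEER_CODE_SIGNING_REQUIREMENT) {
            NSLog(@"rejected pid %d: peer failed code-signing requirement",
                  xpc_connection_get_pid(peer));
        }
        return;  // invalidation / interruption: nothing to answer
    }
    if (type != XPC_TYPE_DICTIONARY) {
        return;
    }
    xpc_object_t reply = xpc_dictionary_create_reply(event);
    if (reply == NULL) {
        return;  // peer did not ask for a reply
    }
    const char *cmd = xpc_dictionary_get_string(event, "command");
    if (cmd != NULL && strcmp(cmd, "disable") == 0) {
        gProtectionEnabled = NO;  // privileged action, only reachable by a pinned peer
        xpc_dictionary_set_bool(reply, "ok", true);
    } else if (cmd != NULL && strcmp(cmd, "status") == 0) {
        xpc_dictionary_set_bool(reply, "enabled", gProtectionEnabled);
        xpc_dictionary_set_bool(reply, "ok", true);
    } else {
        xpc_dictionary_set_bool(reply, "ok", false);
    }
    xpc_connection_send_message(peer, reply);
}

// Accepts a new peer connection from the listener. The requirement must be
// installed before the peer is resumed. The weak pattern this replaces is
// reading xpc_connection_get_pid() and checking that process's signature,
// which races against PID reuse and is exactly the kind of check a
// low-privilege impersonator can sidestep.
static void accept_peer(xpc_connection_t peer) {
    if (xpc_connection_set_peer_code_signing_requirement(peer, kPeerRequirement) != 0) {
        NSLog(@"invalid requirement string; refusing peer");  // fail closed
        xpc_connection_cancel(peer);
        return;
    }
    xpc_connection_set_event_handler(peer, ^(xpc_object_t event) {
        handle_peer_event(peer, event);
    });
    xpc_connection_resume(peer);
}

int main(int argc, const char *argv[]) {
    @autoreleasepool {
        xpc_connection_t listener = xpc_connection_create_mach_service(
            "com.example.edr.agent", NULL, XPC_CONNECTION_MACH_SERVICE_LISTENER);
        xpc_connection_set_event_handler(listener, ^(xpc_object_t event) {
            if (xpc_get_type(event) == XPC_TYPE_CONNECTION) {
                accept_peer((xpc_connection_t)event);
            }
        });
        xpc_connection_resume(listener);
        dispatch_main();  // never returns; launchd owns the lifecycle
    }
    return 0;
}
```

On releases older than macOS 12 the same property is obtained by resolving the peer's audit token to a SecCode object and evaluating a SecRequirement against it; the essential point in either case is that the identity decision is bound to the connection, not to a PID the caller can influence.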

Intelligence briefing updated Jun 25, 2026

CVE-2026-39118 (CVSS 8.4)
Root source: xmcyber.com