Introduction This vulnerability has been disclosed during my & Csaba’s talk “20+ ways to bypass macOS your privacy mechanisms” during Black Hat USA. It was a part of my COVID-19 lockdown research. 😉 In the end this vulnerability led to full TCC bypass as I was able to fully control the TCC database. How I found this vulnerability After the XPC research, I had an idea to verify if it will be possible to use the same tricks but on the macOS processes.