CVE-2026-33631 Overview
ClearanceKit is a macOS security framework that intercepts file-system access events and enforces per-process access policies. A critical authorization bypass vulnerability exists in versions on the 4.1 branch and earlier, where the opfilter Endpoint Security system extension enforced file access policy exclusively by intercepting ES_EVENT_TYPE_AUTH_OPEN events. Seven additional file operation event types were not intercepted, allowing any locally running process to bypass the configured File Access Authorization (FAA) policy without triggering a denial.
Critical Impact
Local attackers can bypass ClearanceKit's file access policies on affected macOS systems, performing rename, unlink, link, create, truncate, copyfile, and readdir operations on policy-protected paths without a denial or a policy log entry.
Affected Products
- ClearanceKit versions on the 4.1 branch and earlier
- ClearanceKit opfilter Endpoint Security system extension
- macOS systems utilizing ClearanceKit for file access policy enforcement
Discovery Timeline
- 2026-03-26 - CVE CVE-2026-33631 published to NVD
- 2026-03-26 - Last updated in NVD database
Technical Details for CVE-2026-33631
Vulnerability Analysis
This vulnerability is classified as CWE-862 (Missing Authorization), representing a significant gap in the security enforcement layer of ClearanceKit's file access control system. The opfilter Endpoint Security system extension was designed to intercept file operations and apply per-process access policies, but the implementation only subscribed to ES_EVENT_TYPE_AUTH_OPEN events in the macOS Endpoint Security framework.
Seven critical file operation event types were completely unmonitored: AUTH_RENAME, AUTH_UNLINK, AUTH_LINK, AUTH_CREATE, AUTH_TRUNCATE, AUTH_COPYFILE, and AUTH_READDIR. This oversight allowed any locally running process to perform these operations freely, circumventing the entire FAA policy framework without generating any security events or denials.
Root Cause
The root cause is incomplete event subscription in the Endpoint Security framework integration. The original implementation assumed that intercepting open events would cover file access, but Endpoint Security delivers a distinct AUTH event for each operation family: a rename, unlink, hard link, truncate, kernel-level file copy, or directory read never passes through open(2), so an extension subscribed only to ES_EVENT_TYPE_AUTH_OPEN is never consulted for them and the kernel proceeds as if no policy existed. An AUTH event type the client has not subscribed to is an implicit allow.
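To make the implicit-allow behaviour concrete, the following Python model (an added example, not ClearanceKit code) runs the same constructed events through an open-only subscription and through a subscription covering all eight AUTH event types. It assumes a policy shape the advisory does not specify, a map from protected path prefix to the executables allowed under it, and assumes that rename, link and copyfile must be judged on both the path they start from and the path they write to; the sample paths and executables are constructed.

```python
"""Toy model of the open-only versus full-coverage policy evaluator.

Added example, not ClearanceKit code. Assumptions: the FAA policy maps a
protected path prefix to the executables allowed to touch it; an AUTH event
type the extension did not subscribe to is never delivered, so the kernel
proceeds without a decision (an implicit allow).
"""
from dataclasses import dataclass
from typing import Dict, FrozenSet, Iterable, Optional

# The eight ES_EVENT_TYPE_AUTH_* file events the advisory lists, by ES name.
ALL_FILE_AUTH_EVENTS = frozenset(
    {"open", "rename", "unlink", "link", "create", "truncate", "copyfile", "readdir"}
)
# What the vulnerable opfilter (4.1 and earlier) subscribed to.
OPEN_ONLY = frozenset({"open"})


@dataclass(frozen=True)
class FileAuthEvent:
    operation: str                      # one of ALL_FILE_AUTH_EVENTS
    process: str                        # executable path of the requesting process
    path: str                           # path the operation starts from
    destination: Optional[str] = None   # second path for rename, link, copyfile


Policy = Dict[str, FrozenSet[str]]      # protected prefix -> allowed executables


def _under(path: str, prefix: str) -> bool:
    prefix = prefix.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")


def path_allowed(policy: Policy, process: str, path: str) -> bool:
    """True unless `path` lies under a protected prefix that excludes `process`."""
    for prefix, allowed in policy.items():
        if _under(path, prefix) and process not in allowed:
            return False
    return True


def decide(policy: Policy, event: FileAuthEvent, subscribed: Iterable[str]) -> str:
    """Return "allow" or "deny" as the kernel would see it.

    Unsubscribed event types are the bug: they never reach the evaluator.
    Subscribed ones are checked on every path the operation touches, since a
    rename/link/copyfile can move data out of (or into) a protected tree.
    """
    if event.operation not in set(subscribed):
        return "allow"  # not intercepted: the kernel proceeds with no evaluation
    for p in (event.path, event.destination):
        if p is not None and not path_allowed(policy, event.process, p):
            return "deny"
    return "allow"


# Constructed sample policy and events (hypothetical paths and executables).
SAMPLE_POLICY: Policy = {"/Users/alice/Secrets": frozenset({"/usr/bin/vim"})}

SAMPLE_EVENTS = [
    FileAuthEvent("open", "/bin/cat", "/Users/alice/Secrets/key.pem"),
    FileAuthEvent("rename", "/bin/mv", "/Users/alice/Secrets/key.pem", "/tmp/key.pem"),
    FileAuthEvent("link", "/bin/ln", "/Users/alice/Secrets/key.pem", "/tmp/k"),
    FileAuthEvent("unlink", "/bin/rm", "/Users/alice/Secrets/key.pem"),
    FileAuthEvent("readdir", "/bin/ls", "/Users/alice/Secrets"),
    FileAuthEvent("rename", "/bin/mv", "/tmp/evil", "/Users/alice/Secrets/evil"),
    FileAuthEvent("open", "/usr/bin/vim", "/Users/alice/Secrets/key.pem"),
]


def compare(policy: Policy = SAMPLE_POLICY, events=SAMPLE_EVENTS):
    """(operation, process, decision under open-only, decision under all eight)."""
    return [
        (e.operation, e.process,
         decide(policy, e, OPEN_ONLY), decide(policy, e, ALL_FILE_AUTH_EVENTS))
        for e in events
    ]


if __name__ == "__main__":
    for op, proc, before, after in compare():
        print(f"{op:8} {proc:13} open-only: {before:5}  all eight: {after}")
```

Only the two open events are judged under the open-only subscription; every other operation on the protected tree, including the rename that writes into it from /tmp, is an implicit allow until the subscription is widened and the destination path is evaluated as well.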
Attack Vector
The attack requires local code execution on a macOS system running ClearanceKit with the vulnerable opfilter extension. No privileges beyond a standard user account are needed, and none are gained: an Endpoint Security authorization client can only deny operations the kernel would otherwise permit, so the bypass restores exactly the access the process's POSIX permissions already grant to the target path. An attacker can use any of the seven unmonitored operations against a path the policy restricts. For example, where opening a protected file is blocked, the attacker can instead rename or hard-link it (AUTH_RENAME, AUTH_LINK) to a path outside the protected tree, truncate or delete it, or list a protected directory, none of which was intercepted.
private let logger = Logger(subsystem: "uk.craigbass.clearancekit.opfilter", category: "faa")
-// MARK: - OpenFileEvent
+// MARK: - FileOperation
+
+enum FileOperation: String {
+ case open = "open"
+ case rename = "rename"
+ case unlink = "unlink"
+ case link = "link"
+ case create = "create"
+ case truncate = "truncate"
+ case copyfile = "copyfile"
+ case readdir = "readdir"
+}
+
+// MARK: - FileAuthEvent
-struct OpenFileEvent: Sendable {
+struct FileAuthEvent: Sendable {
+ let operation: FileOperation
let path: String
let processIdentity: ProcessIdentity
let processID: pid_t
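Review bot: FileAuthEvent still carries a single `path`, which is not enough once rename, link and copyfile are routed through it: each of those operations involves two paths, and the ES message carries both (es_event_rename_t source and destination, es_event_link_t source plus target_dir/target_filename, es_event_copyfile_t source plus target_dir/target_name). A policy that sees only the source will allow a file to be renamed or linked into a protected directory from outside it, and one that sees only the destination will allow data to be moved out. Suggest adding `let destinationPath: String?` beside `let path: String` and evaluating both against the policy, with a doc comment on the struct stating which path `path` holds for two-path operations. Minor: the explicit raw values in `FileOperation` are redundant, since a `String`-backed enum synthesizes raw values equal to the case names (`case open` already yields "open").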
Source: GitHub Commit a3d1733
Detection Methods for CVE-2026-33631
Indicators of Compromise
- Unexpected file rename, unlink, or link operations on protected paths without corresponding policy denials
- File system modifications to protected directories that bypass audit logging
- Processes performing copyfile, truncate, or readdir operations on policy-protected paths without generating alerts
Detection Strategies
- Monitor macOS Unified Logging (the extension logs under subsystem uk.craigbass.clearancekit.opfilter, category faa, per the source above) for file system operations that have no corresponding FAA policy evaluation
- Implement file integrity monitoring on critical directories to detect unauthorized modifications via unmonitored event types
- Confirm from the extension's source or release notes that all eight file operation AUTH event types are subscribed; macOS offers no public interface that lists another Endpoint Security client's subscriptions
Monitoring Recommendations
- Capture file system events independently of ClearanceKit with eslogger (macOS 13 and later; run as root, with Full Disk Access granted to the hosting terminal) or, on older systems, the deprecated OpenBSM audit subsystem (auditd)
- Deploy SentinelOne agents to monitor for anomalous file system behavior patterns that may indicate policy bypass attempts
- Establish baseline file system activity and alert on deviations, particularly for rename, link, and unlink operations on sensitive paths
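The following Python script is an added example (not part of this page or of ClearanceKit) that applies the strategies above to the JSON-lines feed produced by `eslogger rename unlink link create truncate copyfile readdir`: it flags every one of the seven previously unmonitored operations that touched a protected path from a process the policy does not allow. The field layout is assumed to mirror the es_event_*_t structures (`event.rename.source.path`, `event.unlink.target.path`, `event.link.target_dir.path` plus `target_filename`, and so on) and must be checked against the eslogger version in use; the policy shape (protected prefix to allowed executables) and every log line below are constructed.

```python
"""Flag file operations a vulnerable, open-only FAA policy never evaluated.

Added example, not ClearanceKit code. Assumptions: input is JSON lines in the
shape eslogger emits, with field names mirroring the es_event_*_t structs
(verify against your eslogger version); the policy maps a protected path prefix
to the executables allowed under it; all sample data below is constructed.
"""
import json
from typing import Dict, FrozenSet, Iterable, List, Optional, Tuple

# The seven AUTH event types ClearanceKit 4.1 and earlier did not subscribe to.
UNMONITORED = ("rename", "unlink", "link", "create", "truncate", "copyfile", "readdir")

Policy = Dict[str, FrozenSet[str]]


def _join(dir_path: str, name: str) -> str:
    return dir_path.rstrip("/") + "/" + name


def _destination(dest: dict) -> str:
    """rename/create destination: either an existing file or dir + filename."""
    if "existing_file" in dest:
        return dest["existing_file"]["path"]
    new_path = dest["new_path"]
    return _join(new_path["dir"]["path"], new_path["filename"])


def event_paths(record: dict) -> Tuple[Optional[str], List[str]]:
    """Return (operation, every path the operation touches) for one record."""
    body = record.get("event", {})
    op = next((o for o in UNMONITORED if o in body), None)
    if op is None:
        return None, []  # e.g. an open record: the old hook already saw those
    e = body[op]
    if op in ("unlink", "truncate", "readdir"):
        return op, [e["target"]["path"]]
    if op == "rename":
        return op, [e["source"]["path"], _destination(e["destination"])]
    if op == "create":
        return op, [_destination(e["destination"])]
    if op == "link":
        return op, [e["source"]["path"], _join(e["target_dir"]["path"], e["target_filename"])]
    # copyfile
    return op, [e["source"]["path"], _join(e["target_dir"]["path"], e["target_name"])]


def _under(path: str, prefix: str) -> bool:
    prefix = prefix.rstrip("/")
    return path == prefix or path.startswith(prefix + "/")


def scan(lines: Iterable[str], policy: Policy) -> List[dict]:
    """One finding per (record, path) where a non-allowlisted process touched a protected path."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        if not line.strip():
            continue
        record = json.loads(line)
        op, paths = event_paths(record)
        if op is None:
            continue
        proc = record.get("process", {})
        exe = proc.get("executable", {}).get("path", "?")
        pid = proc.get("audit_token", {}).get("pid")
        for path in paths:
            for prefix, allowed in policy.items():
                if _under(path, prefix) and exe not in allowed:
                    findings.append({"line": lineno, "op": op, "exe": exe, "pid": pid, "path": path})
    return findings


def _rec(exe: str, pid: int, event: dict) -> str:
    """Build one constructed eslogger-style record."""
    return json.dumps({"process": {"executable": {"path": exe}, "audit_token": {"pid": pid}},
                       "event": event})


SAMPLE_POLICY: Policy = {"/Users/alice/Secrets": frozenset({"/usr/bin/vim"})}

# Constructed records, not captured output.
SAMPLE_LINES = [
    _rec("/bin/mv", 501, {"rename": {"source": {"path": "/Users/alice/Secrets/key.pem"},
                                     "destination": {"new_path": {"dir": {"path": "/tmp"},
                                                                  "filename": "key.pem"}}}}),
    _rec("/usr/bin/vim", 502, {"unlink": {"target": {"path": "/Users/alice/Secrets/.key.pem.swp"}}}),
    _rec("/bin/ls", 503, {"readdir": {"target": {"path": "/Users/alice/Secrets"}}}),
    _rec("/bin/cat", 504, {"open": {"file": {"path": "/Users/alice/Secrets/key.pem"}}}),
    _rec("/bin/ln", 505, {"link": {"source": {"path": "/tmp/payload"},
                                   "target_dir": {"path": "/Users/alice/Secrets"},
                                   "target_filename": "payload"}}),
]


if __name__ == "__main__":
    for f in scan(SAMPLE_LINES, SAMPLE_POLICY):
        print(f"line {f['line']}: {f['op']} by {f['exe']} (pid {f['pid']}) on {f['path']}")
```

Feed it a capture with `sudo eslogger rename unlink link create truncate copyfile readdir > es.jsonl` and `scan(open("es.jsonl"), policy)`. The open record is deliberately skipped because the vulnerable extension already evaluated opens; the link record is flagged on its destination, which is the case a source-only check misses.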
How to Mitigate CVE-2026-33631
Immediate Actions Required
- Upgrade ClearanceKit to a release on the 4.2 branch, which contains the complete fix
- Verify the opfilter system extension is updated and properly loaded after upgrade
- Audit file system changes on critical paths that may have occurred while running vulnerable versions
Patch Information
The vulnerability is addressed in commit a3d1733 which adds subscriptions for all seven previously unmonitored event types (AUTH_RENAME, AUTH_UNLINK, AUTH_LINK, AUTH_CREATE, AUTH_TRUNCATE, AUTH_COPYFILE, AUTH_READDIR) and routes them through the existing FAA policy evaluator. Additionally, the patch implements special handling for XProtect paths where AUTH_RENAME and AUTH_UNLINK events are allowed and trigger the existing onXProtectChanged callback rather than being evaluated against user policy.
For patch details, see the GitHub Security Advisory GHSA-25f8-8cj2-m887 and the commit implementing the fix.
Workarounds
- No known workarounds are available for this vulnerability
- The only effective mitigation is upgrading to ClearanceKit version 4.2 or later
- Consider supplementing with additional file system monitoring tools until the upgrade can be completed
# Verify the ClearanceKit version after upgrade: the opfilter system extension
# should be listed as activated and enabled with a 4.2+ version string
systemextensionsctl list | grep clearancekit
# macOS offers no public interface that lists another Endpoint Security client's
# subscriptions, so instead observe the previously unmonitored operations
# independently (macOS 13 or later; run as root, with Full Disk Access granted
# to the hosting terminal) and confirm that policy denials now appear for them
sudo eslogger rename unlink link create truncate copyfile readdir
Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

