CVSS Vector (NVD)
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description (NVD)
ClearanceKit intercepts file-system access events on macOS and enforces per-process access policies. Prior to 5.0.5, ClearanceKit incorrectly treats a process with an empty Team ID and a non-empty Signing ID as an Apple platform binary. This bug allows malicious software to impersonate an Apple process in the global allowlist and access all protected files. This vulnerability is fixed in 5.0.5.
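The classification flaw described above, modelled as an added example (not ClearanceKit's code) together with an audit that lists process identities the flawed rule would allowlist but a stricter rule rejects. The record layout, the `platform_binary` flag (assumed to be asserted by the OS rather than derived from the IDs), the stricter rule and all sample values are assumptions; the page does not say how 5.0.5 makes the distinction.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ProcIdentity:
    """Code-signing identity of a process (hypothetical record layout)."""
    path: str
    team_id: str           # empty for Apple platform binaries, but not only for them
    signing_id: str
    platform_binary: bool  # assumption: set by the OS, not inferred from the IDs

def flawed_is_apple(p: ProcIdentity) -> bool:
    # Pre-5.0.5 behaviour as the description states it:
    # empty Team ID + non-empty Signing ID => treated as an Apple platform binary.
    return p.team_id == "" and p.signing_id != ""

def strict_is_apple(p: ProcIdentity) -> bool:
    # Assumed hardening: also require the OS-asserted platform flag.
    return p.platform_binary and flawed_is_apple(p)

def allowed(p: ProcIdentity, allowlist: set, is_apple) -> bool:
    """Global-allowlist match: only processes classified as Apple are compared."""
    return is_apple(p) and p.signing_id in allowlist

def audit(records, allowlist):
    """Identities the flawed rule allowlists but the strict rule rejects."""
    return [p for p in records
            if allowed(p, allowlist, flawed_is_apple)
            and not allowed(p, allowlist, strict_is_apple)]

# Constructed sample data: placeholder IDs and paths, not real indicators.
ALLOWLIST = {"com.apple.example-indexer"}
RECORDS = [
    ProcIdentity("/System/Library/Example/indexer", "",
                 "com.apple.example-indexer", True),
    ProcIdentity("/Users/alice/Downloads/tool", "",
                 "com.apple.example-indexer", False),
    ProcIdentity("/Applications/Vendor.app/Contents/MacOS/Vendor", "ABCDE12345",
                 "com.vendor.app", False),
]

if __name__ == "__main__":
    for p in audit(RECORDS, ALLOWLIST):
        print(f"review: {p.path} claims {p.signing_id!r} without platform flag")
```
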
Analysis (AI)
ClearanceKit 5.0.4 and earlier allows local attackers with low-privilege accounts to bypass file-system access controls and read/modify all protected files by spoofing Apple platform binary status. The vulnerability stems from incorrect validation of code signing identifiers - specifically, treating processes with empty Team IDs but non-empty Signing IDs as trusted Apple binaries. …
Remediation (AI)
Within 24 hours: Inventory all systems running ClearanceKit 5.0.4 or earlier and assess criticality based on stored sensitive data. Within 7 days: Implement compensating controls (see below) and restrict local account privileges where operationally feasible; contact Clearance for patch timeline. …
EUVD-2026-24209