A disclosed but unpatched macOS security gap allows standard non-administrator users to disable endpoint security tools and browser protections without elevated privileges, removing the requirement for privilege escalation from the defense evasion step of the attack chain. No CVE has been assigned, no Apple security advisory has been published, and no patch is available, leaving enterprise macOS fleets with an unmitigated coverage gap that must be addressed through compensating controls and heightened EDR health monitoring.