Secure Endpoint Mac Connector Loses Full Disk Access Permission after macOS 13 Ventura Upgrade on non-MDM Managed Macs

Available Languages

Download Options

  • PDF     (364.9 KB)
    View with Adobe Reader on a variety of devices
  • ePub     (397.0 KB)
    View in various apps on iPhone, iPad, Android, Sony Reader, or Windows Phone
  • Mobi (Kindle)     (243.4 KB)
    View on Kindle device or Kindle app on multiple devices
Updated:December 9, 2022
Document ID:218370

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

    Introduction

    This document describes guidance to regain Full Disk Access (FDA) for a Secure Endpoint Mac connector that is not MDM managed on macOS Ventura 13.0.

    Issue Description

    On non-MDM-managed systems, Secure Endpoint Mac connector runs in degraded mode after an upgrade to macOS 13 Ventura 13.0.

    Even though previously granted, Full Disk Access permission does not persist; in fact, the permission appears to be enabled in the Privacy and Security System Settings UI, but the system extension does not actually have the granted permission.

    Affected Secure Endpoint Mac Connector version

    Secure Endpoint Mac connector 1.14 or newer

    Affected macOS version:

    macOS 13.0 - Ventura

    Note: this issue is fixed in macOS Ventura 13.1.

    MDM Profiles

    The issue does not affect MDM managed computers where Full Disk Access for Secure Endpoint connector is granted through MDM.

    Resolution

    Option 1: Upgrade to macOS Ventura 13.1

    This problem is resolved in macOS Ventura 13.1. If the Secure Endpoint Mac connector is in a degraded mode on macOS Ventura 13.0, an upgrade to macOS Ventura 13.1 resolves the issue without any further action.

    Option 2: Manually remove FDA for Secure Endpoint System Monitor

    FDA warning

    1.  In the Secure Endpoint menu, click the Grant Full Disk Access warning to open the Full Disk Access page in System Settings. Alternatively, navigate to the Full Disk Access page manually in System Settings under Privacy & Security.
      Remove System Monitor FDA
    2. Remove the Secure Endpoint System Monitor bundle. To do so:

          a) Click on Secure Endpoint System Monitor to highlight it

          b) Click the minus sign and enter the admin password if prompted

          Only remove the Secure Endpoint System Monitor bundle. Do not remove the Secure Endpoint Service bundle.

    3. Wait for the connector to automatically add the Secure Endpoint System Monitor back to the Full Disk Access page (this can take up to 30 seconds).Enable System Monitor FDA
    4. Click the toggle to enable Full Disk Access for the Secure Endpoint System Monitor.

    Option 3: Disable FDA for the Secure Endpoint System Monitor with the tccutil command

    1. Open a terminal and enter this command and the admin password when prompted: 
      sudo tccutil reset SystemPolicyAllFiles com.cisco.endpoint.svc.securityextension
      FDA warning
    2. In the Secure Endpoint menu, click the Grant Full Disk Access warning to open the Full Disk Access page in System Settings. Alternatively, navigate to the Full Disk Access page manually in System Settings under Privacy & Security.
      Enable System Monitor FDA
    3. Click the toggle to enable Full Disk Access for the Secure Endpoint System Monitor.

    Revision History

    Revision Publish Date Comments
    2.0
    09-Dec-2022
    Upgrading to macOS 13.1 will resolve this issue.
    1.0
    28-Oct-2022
    Initial Release
    TAC Authored

    Contributed by Cisco Engineers

    Was this Document Helpful?

    FeedbackFeedback

    Contact Cisco

    This Document Applies to These Products