Mattermost Desktop App versions <6.0.0 fail to enable the Hardened Runtime on the Mattermost Desktop App when packaged for Mac App Store which allows an attacker to inherit TCC permissions via copying the binary to a tmp folder.
The product does not use or incorrectly uses a protection mechanism that provides sufficient defense against directed attacks against the product.