Facing the same issue where kIOReturnNotSupported is returned as the error definition when trying to send either common or arbitrary SCSI commands to the device using UserSendCDB. Did you have any luck in making this work?

Thanks Quinn for the quick response. The target that I have for my project currently is a command line tool which I am planning to run as a daemon and so I am unable to add the provisioning profile for this. Should I be creating an app project as a wrapper for this so that I can achieve the same as mentioned here for restricted entitlements, [https://developer.apple.com/documentation/xcode/signing-a-daemon-with-a-restricted-entitlement]?)

@Justin Thank you for replying. I am developing a custom DEXT for sending SCSI vendor commands over USB using the BOT protocol. Earlier, this was possible with a KEXT by having IOSCSIPeripheralDevice nub as the provider class (no exclusive access required). About your suggested solution, even though I can match on the IOUSBHostDevice on the whole, the device has only one interface/IOUSBHostInterface nub and ultimately after setting up the device, I would have to open a session to this interface for sending commands to the bulk endpoint. I suppose this would again lead to the exclusive access issue mentioned above as IOUSBHostInterface::Open call is necessary in this case.