Title

Apple iOS/iPadOS 26 must disable iPhone Mirroring on Mac. (Cat II impact)

Discussion

iPhone Mirroring allows managed data on a DOD iPhone to be manipulated by an unmanaged Mac. In certain situations, this may lead to the exposure of sensitive DOD data like notifications, messages, photos, etc. SFR ID: FMT_MOF_EXT.1.2 #47

Check Content

This check procedure is performed on the device management tool and iPhone. Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS management tool, verify "Allow iPhone Mirroring (supervised only)" is unchecked. On the iPhone/iPad device: 1. Open the Settings app. 2. Tap "General". 3. Tap "VPN & Device Management". 4. Tap the Configuration Profile from the iOS management tool containing the restrictions policy. 5. Tap "Restrictions". 6. Verify "iPhone Mirroring not allowed" is listed. If "Allow iPhone Mirroring" is not disabled in the management tool or "iPhone Mirroring not allowed" is not listed on the iPhone, this is a finding.

Fix Text

Install a configuration profile to disable iPhone Mirroring on Mac. This is a supervised-only control. Configuration Profile Key: allowiPhoneMirroring

Additional Identifiers

Rule ID: SV-278831r1150867_rule

Vulnerability ID: V-278831

Group Title: PP-MDF-993300

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.