Check: APPL-15-002110
Apple macOS 15 (Sequoia) STIG:
APPL-15-002110
(in versions v1 r3 through v1 r1)
Title
The macOS system must disable Bluetooth Sharing. (Cat II impact)
Discussion
Bluetooth Sharing must be disabled. Bluetooth Sharing allows users to wirelessly transmit files between the macOS and Bluetooth-enabled devices, including personally owned cellphones and tablets. A malicious user might introduce viruses or malware onto the system or extract sensitive files via Bluetooth Sharing. When Bluetooth Sharing is disabled, this risk is mitigated. [NOTE] ==== The check and fix are for the currently logged in user. To get the currently logged in user, run the following. [source,bash] ---- CURRENT_USER=$( /usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk '/Name :/ && ! /loginwindow/ { print $3 }' ) ---- ==== Satisfies: SRG-OS-000080-GPOS-00048, SRG-OS-000095-GPOS-00049
Check Content
Verify the macOS system is configured to disable Bluetooth sharing with the following command: /usr/bin/defaults -currentHost read com.apple.Bluetooth PrefKeyServicesEnabled If the result is not "0", this is a finding.
Fix Text
Configure the macOS system to disable Bluetooth sharing with the following command: /usr/bin/defaults -currentHost write com.apple.Bluetooth PrefKeyServicesEnabled -bool false
Additional Identifiers
Rule ID: SV-268518r1034494_rule
Vulnerability ID: V-268518
Group Title: SRG-OS-000080-GPOS-00048
Expert Comments
CCIs
| Number | Definition |
|---|---|
| CCI-000213 |
Enforce approved authorizations for logical access to information and system resources in accordance with applicable access control policies. |
| CCI-000381 |
Configure the system to provide only organization-defined mission essential capabilities. |