Title

Bluetooth support software must be disabled. (Cat II impact)

Discussion

Bluetooth technology and associated devices are susceptible to general wireless networking threats, such as Denial of Service attacks, eavesdropping, man-in-the-middle attacks, message modification, and resource misappropriation. Remove Bluetooth support for peripherals such as keyboards, mice, or phones. This task requires administrator privileges. IMPORTANT: Repeat these instructions every time a system update is installed. Support should be removed at kext level.

Check Content

Open a terminal session and view the /System/Library/Extensions folder. Ensure the following files do NOT exist. IOBluetoothFamily.kext IOBluetoothHIDDriver.kext If any file exists, this is a finding.

Fix Text

Open a terminal session and enter the following commands to remove the files. srm -rf /System/Library/Extensions/IOBluetoothFamily.kext srm -rf /System/Library/Extensions/IOBluetoothHIDDriver.kext sudo touch /System/Library/Extensions NOTE: Repeat these instructions every time a system update is installed.

Additional Identifiers

Rule ID: SV-37198r1_rule

Vulnerability ID: V-25253

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.