The macOS system must disable AirDrop.

STIG ID: APPL-14-002009  |  SRG: SRG-OS-000080-GPOS-00048 |  Severity: medium |  CCI: CCI-000213,CCI-000381,CCI-001443 |  Vulnerability Id: V-259485 | 

Vulnerability Discussion

AirDrop must be disabled to prevent file transfers to or from unauthorized devices. AirDrop allows users to share and receive files from other nearby Apple devices.

Satisfies: SRG-OS-000080-GPOS-00048,SRG-OS-000095-GPOS-00049,SRG-OS-000300-GPOS-00118

Check

Verify the macOS system is configured to disable AirDrop with the following command:

/usr/bin/osascript -l JavaScript << EOS
$.NSUserDefaults.alloc.initWithSuiteName('com.apple.applicationaccess')\
.objectForKey('allowAirDrop').js
EOS

If the result is not "false", this is a finding.

Fix

Configure the macOS system to disable AirDrop by installing the "com.apple.applicationaccess" configuration profile.