The macOS system must disable Bluetooth sharing.

STIG ID: APPL-14-002110  |  SRG: SRG-OS-000080-GPOS-00048 |  Severity: medium |  CCI: CCI-000213,CCI-000381 |  Vulnerability Id: V-259519 | 

Vulnerability Discussion

Bluetooth Sharing must be disabled.

Bluetooth Sharing allows users to wirelessly transmit files between the macOS and Bluetooth-enabled devices, including personally owned cellphones and tablets. A malicious user might introduce viruses or malware onto the system or extract sensitive files via Bluetooth Sharing. When Bluetooth Sharing is disabled, this risk is mitigated.

[NOTE]
====
The check and fix are for the currently logged on user. To get the currently logged on user, run the following.
[source,bash]
----
CURRENT_USER=$( /usr/sbin/scutil <<< "show State:/Users/ConsoleUser" | /usr/bin/awk '/Name :/ && ! /loginwindow/ { print $3 }' )
----
====

Satisfies: SRG-OS-000080-GPOS-00048,SRG-OS-000095-GPOS-00049

Check

Verify the macOS system is configured to disable Bluetooth sharing with the following command:

/usr/bin/sudo -u "$CURRENT_USER" /usr/bin/defaults -currentHost read com.apple.Bluetooth PrefKeyServicesEnabled

If the result is not "0", this is a finding.

Fix

Configure the macOS system to disable Bluetooth sharing with the following command:

/usr/bin/sudo -u "$CURRENT_USER" /usr/bin/defaults -currentHost write com.apple.Bluetooth PrefKeyServicesEnabled -bool false
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.