The macOS system must disable the Bluetooth system settings pane.

STIG ID: APPL-14-002260  |  SRG: SRG-OS-000095-GPOS-00049 | Severity: medium |  CCI: CCI-000381

Vulnerability Discussion

The Bluetooth System Setting pane must be disabled to prevent access to the Bluetooth configuration.

Check

Verify the macOS system is configured to disable the Bluetooth system settings pane with the following command:

/usr/bin/profiles show -output stdout-xml | /usr/bin/xmllint --xpath '//key[text()="DisabledSystemSettings"]/following-sibling::*[1]' - | /usr/bin/grep -c com.apple.BluetoothSettings

If the result is not "1", this is a finding.

Fix

Configure the macOS system to disable the Bluetooth system settings pane by installing the "com.apple.systempreferences" configuration profiles.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.