The macOS system must disable the Screen Sharing feature.

STIG ID: APPL-13-002050  |  SRG: SRG-OS-000480-GPOS-00227 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-257213

Vulnerability Discussion

The Screen Sharing feature allows remote users to view or control the desktop of the current user. A malicious user can take advantage of screen sharing to gain full access to the system remotely, either with stolen credentials or by guessing the username and password. Disabling Screen Sharing mitigates this risk.

Check

Verify the macOS system is configured to disable the Screen Sharing feature with the following command:

/usr/bin/sudo /bin/launchctl print-disabled system | /usr/bin/grep com.apple.screensharing

"com.apple.screensharing => disabled"

If "com.apple.screensharing" is not set to "disabled", this is a finding.

Fix

Configure the macOS system to disable the Screen Sharing service with the following command:

/usr/bin/sudo /bin/launchctl disable system/com.apple.screensharing

The system may need to be restarted for the update to take effect.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.