CCE-90307-0Platform: macosx10.10 | Date: (C)2015-06-23 (M)2022-10-10 |
Disable Screen Sharing
The Screen Sharing feature allows remote users to view or control the desktop of the current user. A malicious user can take advantage of Screen Sharing to gain full access to the system remotely, either with stolen credentials or by guessing the username and password. Disabling Screen Sharing mitigates this risk.
Parameter:
enabled/disabled
Technical Mechanism:
To check if screen sharing is disabled, run the following command:
sudo /usr/libexec/PlistBuddy -c 'print com.apple.screensharing:Disabled' /var/db/launchd.db/com.apple.launchd/overrides.plist
If the returned value isn't 'true' or doesn't exist, this is a finding.
CCSS Severity: | CCSS Metrics: |
CCSS Score : | Attack Vector: |
Exploit Score: | Attack Complexity: |
Impact Score: | Privileges Required: |
Severity: | User Interaction: |
Vector: | Scope: |
| Confidentiality: |
| Integrity: |
| Availability: |
| |
References: Resource Id | Reference |
---|
NIST | CM-6 b |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:25084 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31672 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:25084 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:31672 |
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:25084 |