Detections
Analytics
APPL-26-005090 - The macOS system must authorize USB devices before allowing connection.
Information
USB devices connected to a Mac must be authorized.[IMPORTANT]
====
This feature is removed if a smart card is paired or smart card attribute mapping is configured.
====
Without authenticating devices, unidentified or unknown devices may be introduced, thereby facilitating malicious activity.
Satisfies: SRG-OS-000378-GPOS-00163, SRG-OS-000690-GPOS-00140
Solution
Configure the macOS system to authorize USB devices before allowing connection by installing the "com.apple.applicationaccess" configuration profile.See Also
https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_macOS_26_V1R2_STIG.zip
Item Details
Audit Name: DISA Apple macOS 26 Tahoe STIG v1r2
Category: IDENTIFICATION AND AUTHENTICATION
References: 800-53|IA-3, CAT|II, CCI|CCI-001958, CCI|CCI-003959, Rule-ID|SV-277177r1148983_rule, STIG-ID|APPL-26-005090, Vuln-ID|V-277177
Plugin: Unix
Control ID: 72fe0d3ce6d75d8f617218bf0f5625365a0c4dd6d6d570733e87b14b836fbacb