The macOS system must be configured to disable hot corners.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-257148 | APPL-13-000007 | SV-257148r905077_rule | Medium |
| Description |
|---|
| Although hot corners can be used to initiate a session lock or launch useful applications, they can also be configured to disable an automatic session lock from initiating. Such a configuration introduces the risk that a user might forget to manually lock the screen before stepping away from the computer. |
| STIG | Date |
|---|---|
| Apple macOS 13 (Ventura) Security Technical Implementation Guide | 2023-08-28 |
Details
| Check Text ( C-60833r905075_chk ) |
|---|
| Verify the macOS system is configured to disable hot corners with the following command: /usr/sbin/system_profiler SPConfigurationProfileDataType | /usr/bin/grep "wvous" "wvous-bl-corner" = 0; "wvous-br-corner" = 0; "wvous-tl-corner" = 0; "wvous-tr-corner" = 0; If the command does not return the following, this is a finding. "wvous-bl-corner = 0; wvous-br-corner = 0; wvous-tl-corner = 0; wvous-tr-corner = 0;" |
| Fix Text (F-60774r905076_fix) |
|---|
| Configure the macOS system to disable hot corners by installing the "Custom Policy" configuration profile. |