UCF STIG Viewer Logo

Smart Card Readers (SCRs) used with CMDs must have required software version installed.


Overview

Finding ID Version Rule ID IA Controls Severity
V-24982 WIR-MOS-iOS-002 SV-30781r3_rule ECSC-1 Low
Description
Required security features are not available in earlier software versions. In addition, there may be known vulnerabilities in earlier versions.
STIG Date
Apple iOS6 Security Technical Implementation Guide 2014-10-07

Details

Check Text ( C-31197r6_chk )
Detailed Policy Requirements:
If a Bluetooth smart card reader is used, only the following models and firmware versions should be used:

SCR: Biometric Associates, LP (BAL) baiMobile BAL-3000MP Bluetooth Smart Card Reader. Firmware version v2.01.00 or later should be used (version v2.02.00 is recommended).

Bluetooth adapter: Biometric Associates, LP (BAL) baiMobile BAL-BTA001 Bluetooth Adapter. Firmware version 1.4.0 or later should be used (version 1.4.4 is recommended).

Check Procedures:
SCR: The version of the reader firmware is displayed when the user presses and holds the Action button on the reader for a couple of seconds after the CAC is inserted into the reader.

Bluetooth adapter: Model and firmware are printed on the label attached to the adapter.

For wired smart card readers, check to see if the vendor has completed JITC PKI interoperability testing. Ask to see a copy of the JITC certification. The firmware version should be the same as listed in the JITC certification (or later version).

Mark as a finding if the firmware version on the SCR and adapter are not the approved versions.
Fix Text (F-27623r1_fix)
Install required SCR software version.