UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Required version of the BlackBerry Smart Card Reader (SCR) hardware must be used, and required versions of the drivers must be installed both on the BlackBerry and the SCR.


Overview

Finding ID Version Rule ID IA Controls Severity
V-21949 WIR1040-06 SV-25132r4_rule Low
Description
Required SCR security features are not available in earlier versions, and therefore Bluetooth vulnerabilities will not have been patched.
STIG Date
BlackBerry OS 7.x Security Technical Implementation Guide 2015-07-02

Details

Check Text ( C-26799r6_chk )
Detailed Policy Requirements:

Site BlackBerry devices and SCRs must have required software versions installed.

The BlackBerry SCR hardware must be version 1 (model PRD-09695-004) or version 2 (model PRD-16951-001).

BlackBerry SCR software package version 4.2.0.107 or later is required (Application version 4.2.0.107, Software platform 1.5.0.81).

Apriva Bluetooth SCR (BT200) driver v03-30-02 or later is required.

Biometric Associates BaiMobile 3000MP SCR driver 0.1.3(19.07.13) or later.

Check Procedures:

If using the BlackBerry SCR:

Verify required SCR model is used. The model number can be found under the battery.

Verify required BlackBerry SCR software is being used. On a sample of BlackBerry SCRs (use 2-3 devices for random sample), press and hold the Action button until "rEsetInG" appears, and then read the Application version and Software platform version as they are displayed.

If using the Apriva SCR:

On the BlackBerry, press lower case v (as in Victor) to verify the version number of the Apriva Utility installed on the BlackBerry. On the BlackBerry, press lower case r (as in Romeo) to verify the version number of the Apriva driver installed on the Apriva SCR.

If using the Biometric Associates SCR:

On the BlackBerry, go to Settings >> Device >> Application Management >> baiSmartCardReader and verify the version number of the installed driver.

If the required driver is not installed, this is a finding.
Fix Text (F-11479r1_fix)
Comply with DoD policy.