Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-235045 | HONW-09-002800 | SV-235045r626530_rule | Medium |
Description |
---|
Developer modes expose features of the Honeywell Android device that are not available during standard operation. An adversary may leverage a vulnerability inherent in a developer mode to compromise the confidentiality, integrity, and availability of DoD sensitive information. Disabling developer modes mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #26 |
STIG | Date |
---|---|
Honeywell Android 9.x COBO Security Technical Implementation Guide | 2021-01-25 |
Check Text ( C-38233r623045_chk ) |
---|
Review Honeywell Android device configuration settings to determine whether a developer mode is enabled. This validation procedure is performed on both the MDM Administration console and the Android Pie device. On the MDM console: 1. Open Restrictions section. 2. Confirm that "Debugging Features" is set to "Disallow". On the Honeywell Android Pie device: 1. Go to Settings >> System. 2. Ensure Developer Options is not listed. If the MDM console device policy is not set to disable developer mode or on the Honeywell Android Pie device, the device policy is not set to disable developer mode, this is a finding. |
Fix Text (F-38196r623046_fix) |
---|
Configure the Honeywell Android device to disable developer modes. On the MDM console: 1. Open Restrictions section. 2. Set "Debugging Features" to "Disallow". |