Changes are coming to https://stigviewer.com.
Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey
The mobile operating system's Bluetooth module must support the capability for a system administrator to create a non-user-modifiable white list of Bluetooth devices that are authorized to pair to the mobile device.
Overview
| Finding ID | Version | Rule ID | IA Controls | Severity |
|---|---|---|---|---|
| V-33779 | SRG-OS-000147-MOS-000078 | SV-44204r1_rule | Low |
| Description |
|---|
| If a rogue device can connect to the mobile device, there is the potential for the rogue device to obtain sensitive information. One mechanism for preventing this occurrence is to enforce a white list of devices that are permitted to pair to the mobile device. Devices not on the white list will not be able to pair with the mobile device and therefore cannot communicate with it or obtain sensitive information from it. |
| STIG | Date |
|---|---|
| Mobile Operating System Security Requirements Guide | 2012-10-01 |
Details
| Check Text ( C-41836r1_chk ) |
|---|
| Examine the operating system configuration to verify the presence of a white list of Bluetooth devices authorized to pair to the mobile device. If the operating system does not support this functionality, this is a finding. If the operating system supports the white list functionality, attempt to pair a test Bluetooth device not on the white list with the mobile device. If it successfully pairs, this is a finding. |
| Fix Text (F-37678r1_fix) |
|---|
| Configure the mobile operating system's Bluetooth module to support the capability for a system administrator to create a non-user-modifiable white list of Bluetooth devices that are authorized to pair to the mobile device. |