UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must prohibit remote activation of collaborative computing functions, including microphones, cameras, and networked white boards without user concurrence.


Overview

Finding ID Version Rule ID IA Controls Severity
V-33164 SRG-OS-000175-MOS-000097 SV-43562r1_rule Medium
Description
If an adversary can remotely activate collaborative computing functions, the adversary may be able to listen to the user's conversations, obtain visual data about the user's surroundings, or read sensitive information on the display of the user's device. To mitigate these risks, only a user in immediate possession of the device should be able to activate these functions.
STIG Date
Mobile Operating System Security Requirements Guide 2013-04-12

Details

Check Text ( C-41424r1_chk )
Review system documentation and both operating system and application configuration to determine if it is possible to remotely activate collaborative computing functions. Also, review IA information resources to determine if such vulnerabilities have been reported on devices running this operating system. If it is possible to remotely activate a collaborative computing function, this is a finding.
Fix Text (F-37064r1_fix)
Configure the operating system and relevant applications to prohibit remote activation of collaborative computing functions.