Title

Apple iOS/iPadOS 18 must disable the ability to hide apps. (Cat I impact)

Discussion

Hidden apps cannot be seen by enterprise management applications (e.g., MDM server), and therefore, unauthorized apps or apps with embedded malware could be installed and hidden from the MDM or mobile threat detection (MTD) apps. Hidden apps may lead to the compromise of sensitive DOD data or provide a vector to attacks on the DOD network. FMT_MOF_EXT.1.2 #47

Check Content

This check procedure is performed on the device management tool and the iPhone and iPad. Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review. In the iOS management tool, verify "Allow Apps to be hidden" is unchecked. On the iPhone and iPad device: 1. Open the Settings app. 2. Tap "Apps". 3. At the bottom of the list of Apps, tap "Hidden Apps". 4. Verify there are no hidden apps listed. If "Allow Apps to be hidden" is not disabled in the management tool or there are hidden apps installed on enterprise iPhones and iPads, this is a finding.

Fix Text

Install a configuration profile to disable hiding apps on iPhones and iPads.

Additional Identifiers

Rule ID: SV-272169r1067622_rule

Vulnerability ID: V-272169

Group Title: PP-MDF-993300

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.