Title

LG Android 6.x must implement the management setting: Disable Nearby devices. (Cat II impact)

Discussion

The Nearby devices feature allows the user to share files with other devices that are connected on the same Wi-Fi access point using the DLNA technology. Even though the user must allow requests from other devices, this feature can potentially result in unauthorized access to and compromise of sensitive DoD files. Disabling this feature will mitigate this risk. SFR ID: FMT_SMF_EXT.1.1 #45

Check Content

This validation procedure is performed both on the MDM console and the LG Android device. On the MDM console, do the following: 1. Ask the MDM administrator to display the "Allow DLNA" settings. 2. Verify the value is disabled. 3. Verify the policy has been assigned to all groups. On the LG Android device: 1. Select Settings >> Networks >> Share & connect 2. Try to launch "Media server". 3. Verify "Media server" is disabled and the following message is displayed: "DLNA discovery is unavailable by server policy." If on the MDM console "Allow DLNA" configuration is enabled or the LG Android device the "Media server" is not disabled, this is a finding.

Fix Text

Configure the mobile operating system to disable DLNA. On the MDM Administration Console, disable "Allow DLNA".

Additional Identifiers

Rule ID: SV-81369r2_rule

Vulnerability ID: V-66879

Group Title:

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.