Check: KNOX-14-225060
Samsung Android OS 14 with Knox 3.x COPE STIG:
KNOX-14-225060
(in versions v1 r2 through v1 r1)
Title
The Samsung Android device work profile must be configured to disable the autofill services. (Cat II impact)
Discussion
The autofill services allow the user to complete text inputs that could contain sensitive information, such as personally identifiable information (PII), without previous knowledge of the information. By allowing the use of autofill services, an adversary who learns a user's Android 14 device password, or who otherwise is able to unlock the device, may be able to further breach other systems by relying on the autofill services to provide information unknown to the adversary. By disabling the autofill services, the risk of an adversary gaining further information about the device's user or compromising other systems is significantly mitigated. Examples of apps that offer autofill services include Samsung Pass, Google, Dashlane, LastPass, and 1Password. SFR ID: FMT_SMF_EXT.1.1 #47
Check Content
Review the Samsung Android 14 work profile configuration settings to confirm that autofill services are disabled. This validation procedure is performed on the management tool. On the management tool: 1. Open "Set user restrictions". 2. Verify "Disable autofill" is toggled to "ON". If on the management tool the "disallow autofill" is not selected, this is a finding.
Fix Text
Configure the Samsung Android 14 device to disable the autofill services. On the management tool, in the Work profile User restrictions section, set "Disable autofill" to "Enable".
Additional Identifiers
Rule ID: SV-258698r931294_rule
Vulnerability ID: V-258698
Group Title: PP-MDF-993300
Expert Comments
CCIs
Number | Definition |
---|---|
CCI-000366 |
The organization implements the security configuration settings. |
Controls
Number | Title |
---|---|
CM-6 |
Configuration Settings |