The UEM Agent must only accept policies and policy updates that are digitally signed by a certificate that has been authorized for policy updates by the UEM Server.

An XCCDF Rule

Details
Profiles

Description

It is critical that the UEM agent only use validated certificates for policy updates. Otherwise, there is no assurance that a malicious actor has not inserted itself in the process of packaging the code or policy. Satisfies: FMT_POL_EXT.2.1

ID: SV-234243r617354_rule
Version: SRG-APP-000427-UEM-100007
Severity: Medium
References: CCI-002470
Updated: about 2 months ago

Remediation Templates

Configure the UEM Agent to only accept policies and policy updates that are digitally signed by a certificate that has been authorized for policy updates by the UEM Server.

The UEM Agent must only accept policies and policy updates that are digitally signed by a certificate that has been authorized for policy updates by the UEM Server.

Description

Remediation Templates

A Manual Procedure