Zebra Android 13 must be configured to enable authentication of personal hotspot connections to the device using a pre-shared key.

An XCCDF Rule

Description

If no authentication is required to establish personal hotspot connections, an adversary may be able to use that device to perform attacks on other devices or networks without detection. A sophisticated adversary may also be able to exploit unknown system vulnerabilities to access information and computing resources on the device. Requiring authentication to establish personal hotspot connections mitigates this risk. Application note: If hotspot functionality is permitted, it must be authenticated via a pre-shared key. There is no requirement to enable hotspot functionality, and it is recommended this functionality be disabled by default. SFR ID: FMT_SMF_EXT.1.1 #41

ID: SV-270054r1052902_rule
Version: ZEBR-13-008700
Severity: Medium
References: CCI-001443 CCI-002314
Updated: about 2 months ago

Remediation Templates

This is a User-Based Enforcement (UBE) control.

Train users to not change the default Wi-Fi hotspot security setting: 15-character complex Wi-Fi hotspot pre-shared key (password) ("WPA2/WPA3-Personal" or WPA3-Personal"). (ZEBR-15-009800)

If the required pre-shared key is not set up, train users to use the following procedure to set up the required setting:
1. Go to Settings >> Network & Internet >> Hotspot & tethering.
2. Enable "Wi-Fi hotspot".
3. On the left of the slide, tap "Wi-Fi Hotspot" to bring up the configuration options.
4. Click the "Security" link and select either "WPA2/WPA3-Personal" or "WPA3-Personal".

Zebra Android 13 must be configured to enable authentication of personal hotspot connections to the device using a pre-shared key.

Description

Remediation Templates

A Manual Procedure