Samsung Android must be configured to disable USB mass storage mode.
An XCCDF Rule
Description
<VulnDiscussion>USB mass storage mode enables the transfer of data and software from one device to another. This software can include malware. When USB mass storage is enabled on a mobile device, it becomes a potential vector for malware and unauthorized data exfiltration. Prohibiting USB mass storage mode mitigates this risk. SFR ID: FMT_SMF_EXT.1.1 #39</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
- ID
- SV-255149r867384_rule
- Severity
- Medium
- References
- Updated
Remediation - Manual Procedure
Configure the Samsung Android devices to disable USB mass storage mode.
On the management tool, in the device restrictions, set "USB file transfer" to "Disallow".
DeX drag and drop file transfer capabilities will be prohibited, but all other DeX capabilities remain useable.