Apple iOS/iPadOS 18 must disable connections to Siri servers for the purpose of translation.

STIG ID: AIOS-18-014500  |  SRG: PP-MDF-993300 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-268061

Vulnerability Discussion

If a user is able to configure the security setting, the user could inadvertently or maliciously set it to a value that poses unacceptable risk to DOD information systems. An adversary could exploit vulnerabilities created by the weaker configuration to compromise DOD sensitive information. Translation information could contain sensitive DOD information and therefore should not leave the DOD control.

SFRID: FMT_SMF.1.1 #47

Check

This check procedure is performed on the device management tool.

Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the iOS management tool, verify "Disable connections to Siri servers for the purpose of translation" is checked.

If connections to Siri servers are not disabled for translation, this is a finding.

Fix

Configure the Apple iOS configuration profile to disable connections to Siri servers for the purpose of translation.

The procedure for implementing this control will vary depending on the MDM/EMM used by the mobile service provider.

In the MDM console, select "disable connections to Siri servers for the purpose of translation".