Apple iOS/iPadOS 18 must disable ChatGPT connection for Apple Intelligence.

STIG ID: AIOS-18-015400  |  SRG: PP-MDF-993300 |  Severity: medium |  CCI: CCI-000366 |  Vulnerability Id: V-268068

Vulnerability Discussion

The ChatGPT feature of Apple Intelligence allows DOD information to be downloaded from the DOD iPhone/iPad and processed by the ChatGPT application in the cloud. The ChatGPT feature of Apple Intelligence increases the risk of compromise of sensitive DOD information.

SFRID: FMT_MOF_EXT.1.2 #47

Check

Apple Intelligence support for ChatGPT is not expected to be available until iOS/iPad 18.1 and will be available only on specific iPhone and iPad models.

This check procedure is performed on the device management tool.

Note: If an organization has multiple configuration profiles, the check procedure must be performed on the relevant configuration profiles applicable to the scope of the review.

In the iOS management tool, verify "Allow ChatGPT" is unchecked.

If "Allow ChatGPT" is not disabled in the management tool, this is a finding.

Note: As of the publication date of this STIG version (V1R1), the exact name and logic of the ChatGPT management key is not available. When ChatGPT support is released by Apple (expected in iOS/iPadOS 18.1), the required configuration could be either "enable" or "disable". The intent of this requirement is to disable Apple Intelligence ChatGPT access.

Fix

Apple Intelligence support for ChatGPT is not expected to be available until iOS/iPad 18.1 and will be available only on specific iPhone and iPad models.

Install a configuration profile to disable ChatGPT connection for Apple Intelligence.
This website is not created by, run, approved, or endorsed by the U.S. Department of Defense. Use at your own risk. This website is created by open-source software.