AIOS-26-018300 - Apple iOS/iPadOS 26 must be configured to disable Wi-Fi Aware.

Information

Wi-Fi Aware allows direct connections between nearby devices for fast data transfer, video streaming, and multiplayer gaming. It allows full peer-to-peer device discovery and communication where two or more devices are publishing and/or subscribing to the same known service name. There is risk that sensitive DOD information could be transferred from a DOD mobile device to a non-DOD device or from Work Profile apps on a DOD device to Personal Profile apps on a non-DOD device.

SFR ID: FMT_MOF_EXT.1.2 #47

SFR ID: FMT_SMF.1.1 #47

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Remove Wi-Fi Aware-capable apps on site-managed Apple iOS/iPadOS 26 devices.

There are three steps to implementing this control:

1. Train all users to not accept connection requests from nearby devices. This requirement is met by AIOS-26-0011900.

2a. Review all MDM-managed apps deployed to site iPhones and iPads. If an app supports Wi-Fi Aware, it must be removed from all site devices.

Note: There is currently no management API/key to disable Wi-Fi Aware on Apple devices.

2b. If a site manages unmanaged apps on site iPhones and iPads, review all unmanaged apps deployed on site iPhones and iPads. If an app supports Wi-Fi Aware, it must be removed from all site devices.

3a. For managed apps being reviewed for approval, the site app vetting process must determine if the app supports Wi-Fi Aware. If Wi-Fi Aware is supported, the app must not be approved for use on site iPhones and iPads.

3b. If a site manages unmanaged apps on site iPhones and iPads, the site app vetting process must determine if the app supports Wi-Fi Aware. If Wi-Fi Aware is supported, the app must not be approved for use on site iPhones and iPads.
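
One way to run a first pass of the app review in steps 2 and 3, as an added example that is not part of the STIG or of the audit file: the script unpacks an IPA and flags every bundle whose Info.plist declares the `WiFiAwareServices` key. It assumes apps declare their Wi-Fi Aware services under that key; the sample IPA, bundle ID and service name are constructed, and a result with no declaration is a triage signal for the vetting process, not proof that an app lacks Wi-Fi Aware support.

```python
import io
import plistlib
import re
import zipfile

# Assumption: apps declare Wi-Fi Aware services under this Info.plist key.
WIFI_AWARE_KEY = "WiFiAwareServices"
# Info.plist of the main app bundle and of nested bundles (extensions, frameworks).
PLIST_RE = re.compile(r"^Payload/[^/]+\.app/(?:.+/)?Info\.plist$")

def find_wifi_aware(ipa):
    """Return (hits, unreadable) for an IPA given as a path or a file object."""
    hits, unreadable = {}, []
    with zipfile.ZipFile(ipa) as zf:
        for name in zf.namelist():
            if not PLIST_RE.match(name):
                continue
            try:
                info = plistlib.loads(zf.read(name))  # handles XML and binary plists
            except Exception:
                unreadable.append(name)  # cannot be judged automatically
                continue
            services = info.get(WIFI_AWARE_KEY) if isinstance(info, dict) else None
            if services:
                names = services if isinstance(services, (dict, list)) else [services]
                hits[name] = sorted(map(str, names))  # declared service names
    return hits, unreadable

def build_sample_ipa(app_name, info):
    """Build a constructed, in-memory IPA that holds only an Info.plist."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr(f"Payload/{app_name}.app/Info.plist",
                    plistlib.dumps(info, fmt=plistlib.FMT_BINARY))
    buf.seek(0)
    return buf

if __name__ == "__main__":
    # Constructed sample: hypothetical bundle ID and service name.
    sample = build_sample_ipa("Demo", {
        "CFBundleIdentifier": "com.example.demo",
        WIFI_AWARE_KEY: {"_demo-share._tcp": {}},
    })
    hits, unreadable = find_wifi_aware(sample)
    verdict = "REJECT" if hits else "MANUAL REVIEW" if unreadable else "no declaration"
    print(verdict, hits, unreadable)
```

Plists that cannot be parsed are returned separately so that they are routed to manual review rather than counted as clean.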

See Also

https://dl.dod.cyber.mil/wp-content/uploads/stigs/zip/U_Apple_iOS-iPadOS_26_V1R2_STIG.zip