Detections
Analytics

VM: vm-8.isolation-device-connectable-deactivate

Information

Virtual machines must prevent unauthorized removal, connection and modification of devices. Preventing unauthorized device modifications in virtual machines blocks non-admin users or processes from connecting, disconnecting, or adjusting device settings. This measure curbs unauthorized access and operation disruption, reducing denial of service risks, as well as some avenues for exfiltrating data.

Solution

Get-VM -Name $VM | Get-AdvancedSetting -Name isolation.device.connectable.disable | Remove-AdvancedSetting

See Also

https://github.com/vmware/vcf-security-and-compliance-guidelines/raw/refs/heads/main/security-configuration-hardening-guide/vsphere/8.0/

Item Details

Category: CONFIGURATION MANAGEMENT

References: 800-53|CM-6b., CCI|CCI-000366

Plugin: VMware

Control ID: 0ca801ee3ffe0353e8378eb0906aecc1b2c05549fbaf86b2cdab4ac03d5aa2fb