4.9 Ensure the latest iOS device architecture is used by high-value targets

Information

This recommendation pertains to the physical device(s) used by high-value targets.

Rationale:

Physical security exploits against iOS devices are rarely demonstrated within two years of the release of the underlying architecture. For users whose physical iOS device(s) may be targeted, it is prudent to use the most recently released architecture.

NOTE: Nessus has not performed this check. Please review the benchmark to ensure target compliance.

Solution

Replace the device(s).
As of publication, the latest iOS device architectures are:

iPhone 13 and iPhone 13 Mini using the Apple A15 Bionic processor

iPhone 13 Pro and iPhone 13 Pro Max using the Apple A15 Bionic processor

iPad Mini 8.3' using the Apple A15 Bionic processor

iPad 10.2' using the Apple A13 Bionic processor

iPad Air 10.9' using the Apple A14 Bionic processor

iPad Pro 11' and 12.9' using the Apple M1 processor

Additional Information:

Apple provides the following material on identifying iOS device hardware. For iPhone, see: https://support.apple.com/en-us/HT201296. For iPad, see: https://support.apple.com/en-us/HT201471.

The term high-value targets is being used to refer to users who may be likely to experience a physical-level device attack. Examples include:

Politicians

Journalists

Activists

Civilian government or military personnel

Business executives

Wealthy individuals

See Also

https://workbench.cisecurity.org/benchmarks/15548

Item Details

Category: CONFIGURATION MANAGEMENT, PROGRAM MANAGEMENT

References: 800-53|CM-8, 800-53|CM-8(1), 800-53|PM-5, CSCv7|1.4

Plugin: MDM

Control ID: 58636034137373e923f3a4b85131c7e675b927a2a851de1ce60cbedd1cccb026