CCE-43993-5Platform: cpe:/o:microsoft:windows_10 | Date: (C)2016-09-23 (M)2023-07-04 |
Disable: 'Do not display network selection UI' for DontDisplayNetworkSelectionUI
This policy setting allows you to control whether anyone can interact with available networks UI on the logon screen.
If you enable this policy setting, the PC's network connectivity state cannot be changed without signing into Windows.
If you disable or don't configure this policy setting, any user can disconnect the PC from the network or can connect the PC to other available networks without signing into Windows.
Counter Measure:
Enable and configure this setting.
Potential Impact:
Users will need to log on to Windows with their device each time they want to disconnect from the current network or connect to another one.
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: Computer ConfigurationAdministrative TemplatesSystemLogonDo not display network selection UI
(2) REG: HKEY_LOCAL_MACHINESoftwarePoliciesMicrosoftWindowsSystemDontDisplayNetworkSelectionUI
CCSS Severity: | CCSS Metrics: |
CCSS Score : 6.1 | Attack Vector: PHYSICAL |
Exploit Score: 0.9 | Attack Complexity: LOW |
Impact Score: 4.7 | Privileges Required: NONE |
Severity: MEDIUM | User Interaction: NONE |
Vector: AV:P/AC:L/PR:N/UI:N/S:C/C:L/I:N/A:H | Scope: CHANGED |
| Confidentiality: LOW |
| Integrity: NONE |
| Availability: HIGH |
| |
References: Resource Id | Reference |
---|
SCAP Repo OVAL Definition | oval:org.secpod.oval:def:35369 |