Skip to main content

Disconnect unnecessary input devices

Summary​

A virtual machine must not have connected devices that are not necessary for its operation (e.g., Floppy, IDE, CD/DVD, USB, Serial).

Description​

This control refers to the restriction of access and permissions to the minimum necessary functions for the operation of the system. In the context of virtual machines, unnecessary connected devices increase the attack surface, providing potential ways for exploitation. Actions as the use of malicious USB devices, BadUSBs, unauthorized data exfiltration, among others, can be executed against virtual machines and eventually gaining access to the host system.

Supported In​

This requirement is verified in following services

PlanSupported
Essential🔴
Advanced🟢

References​

free trial

Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.