threatmodel iOS EN - edamametechnologies/threatmodels GitHub Wiki
iOS Threat Model (EN)
Contents
- MDM profiles installed
- Screen lock disabled
- Your device is jailbroken
- Potentially compromised email address
- Unverified network environment
- App is not up to date
- Your OS is not up to date
MDM profiles installed
Threat
Dimension : system integrity / Severity : 5
Tags : Personal Posture
You have one or more Mobile Device Management (MDM) profiles installed on your computer. This means that your device is or can be remotely administered by a 3rd party. If this is your personal device, this is a grave threat and the profiles should be removed.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | mdm_check |
Remediation
https://en.wikipedia.org/wiki/Mobile_device_management
Rollback
https://en.wikipedia.org/wiki/Mobile_device_management
Screen lock disabled
Threat
Dimension : credentials / Severity : 3
Tags : CIS Benchmark Level 1,iOS_Screen_Lock, ISO 27001/2,Access Control, PCI-DSS,Requirement-8.1.7, SOC 2,CC-Access Control
Your device doesn't have a screensaver enabled with a password. It leaves it open for phsyical access by anyone. This is very dangerous!
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | screenlock_check |
Remediation
https://www.youtube.com/watch?v=2t0NrqIwI2s
Rollback
https://www.youtube.com/watch?v=2t0NrqIwI2s
Your device is jailbroken
Threat
Dimension : system integrity / Severity : 5
Tags : CIS Benchmark Level 1, ISO 27001/2,Mobile Device Policy, PCI-DSS,Requirement-5.1, SOC 2,CC-Mobile Device Management
Your device is jailbroken. Either you did it yourself or a bad actor did it to access your personal data. This is very dangerous! You need to restore your device to factory settings.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | jailbreak_check |
Remediation
https://www.youtube.com/watch?v=_VNsH_OWmRw
Rollback
https://www.youtube.com/watch?v=_VNsH_OWmRw
Potentially compromised email address
Threat
Dimension : credentials / Severity : 4
Tags : ISO 27001/2,Information Security Incident Management, PCI-DSS,Requirement-12.10, SOC 2,CC-Incident Response, Personal Posture
Your email address might have recently appeared in a data breach. Please set your email in the Identity tab, review the breaches if any and follow instructions.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | pwned -i 365 |
Remediation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | digitalidentity_manager |
Rollback
https://en.wikipedia.org/wiki/Have_I_Been_Pwned
Unverified network environment
Threat
Dimension : network / Severity : 1
Tags : ISO 27001/2,Information Security Incident Management, PCI-DSS,Requirement-12.10, SOC 2,CC-Incident Response, Personal Posture
The network you are connected to is not a known one. If you are allowed to scan this network, go to the network tab and verify the presence of potentially dangerous devices.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | lanscan |
Remediation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | network_manager |
Rollback
https://en.wikipedia.org/wiki/Port_scanner
App is not up to date
Threat
Dimension : applications / Severity : 3
This app is not up to date. Applications are constantly updated to fix potential security issues. It's your best interest to get updates as soon as you can through automatic updates.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | latestapp_check |
Remediation
https://www.youtube.com/watch?v=ucf4ATXwfuw
Rollback
https://www.youtube.com/watch?v=FG2DXkPA93g
Your OS is not up to date
Threat
Dimension : system integrity / Severity : 3
Tags : CIS Benchmark Level 1, ISO 27001/2,System Update Policy, PCI-DSS,Requirement-6.2, SOC 2,CC-System Updates
Your operating system is not up to date, please proceed to upgrade to get the latest security patches.
Implementation
Tested for | Action | Elevation | Script |
---|---|---|---|
iOS 15 | Command line | user | latestos_check |
Remediation
https://www.youtube.com/watch?v=o4zUfDPwHnM