CCE-99305-5| Platform: cpe:/o:microsoft:windows_11 | Date: (C)2023-03-11 (M)2023-07-14 |
If the Password protect the screen saver setting is enabled, then all screen savers are password protected, if it is disabled then password protection cannot be set on any screen saver. If this setting is enabled, then all screen savers are password protected.
Fix:
(1) GPO: User ConfigurationAdministrative TemplatesControl PanelPersonalization!Password protect the screen save
(2) REG: HKEY_USERSSoftwarePoliciesMicrosoftWindowsControl PanelDesktop!ScreenSaverIsSecure
Parameter:
[enable/disable]
Technical Mechanism:
(1) GPO: User Configuration\Administrative Templates\Control Panel\Personalization!Password protect the screen saver
(2) REG: HKEY_USERS\Software\Policies\Microsoft\Windows\Control Panel\Desktop!ScreenSaverIsSecure
| CCSS Severity: | CCSS Metrics: |
| CCSS Score : 6.8 | Attack Vector: PHYSICAL |
| Exploit Score: 0.9 | Attack Complexity: LOW |
| Impact Score: 5.9 | Privileges Required: NONE |
| Severity: MEDIUM | User Interaction: NONE |
| Vector: AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H | Scope: UNCHANGED |
| | Confidentiality: HIGH |
| | Integrity: HIGH |
| | Availability: HIGH |
| | |
References: | Resource Id | Reference |
|---|
| SCAP Repo OVAL Definition | oval:org.secpod.oval:def:87980 |
