V-278017
SV-278017r1180757_rule
CAT II
Windows Server 2025 must not have Wi-Fi enabled unless required by the organization.
From: Microsoft Windows Server 2025 Security Technical Implementation Guide (V1R1)
Description
<VulnDiscussion>Unnecessary connections could increase the attack surface of a system. Some of these services may not support required levels of authentication or encryption.</VulnDiscussion><FalsePositives></FalsePositives><FalseNegatives></FalseNegatives><Documentable>false</Documentable><Mitigations></Mitigations><SeverityOverrideGuidance></SeverityOverrideGuidance><PotentialImpacts></PotentialImpacts><ThirdPartyTools></ThirdPartyTools><MitigationControl></MitigationControl><Responsibility></Responsibility><IAControls></IAControls>
Check Procedure
Open PowerShell or a Command prompt.
Type "IP Config /All".
If there is a connection named "Wi-Fi" or "Wireless", this is a finding.
Fix Text
Validate the site documentation to ensure the approval of use for Wi-Fi server connections.
If the connection (s) have not been approved, go to "Settings" then "Network and Internet" and remove/disable the Wi-Fi adapter. Any Wi-Fi connections listed or in use must be documented and approved by the information system security officer (ISSO) or authorizing official (AO).
CCI Reference
CCI-000382- Created
- 2026-04-07 20:08:26
- Last Updated
- 2026-04-07 20:08:26