STIGhubSTIGhub
STIGsRMF ControlsCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • RMF Controls
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 4 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Virtual Machine Manager Security Requirements Guide

V-207446

CAT II (Medium)

The VMM must prevent all software from executing at higher privilege levels than users executing the software.

Rule ID

SV-207446r958730_rule

STIG

Virtual Machine Manager Security Requirements Guide

Version

V2R3

CCIs

CCI-002233

Discussion

In certain situations, guest VMs, applications, and programs need to execute with elevated privileges to perform required functions. However, if the privileges required for execution are at a higher level than the privileges assigned to VMM users invoking such applications/programs, those users are indirectly provided with greater privileges than assigned by organizations. Some guest VMs, applications, programs, and processes are required to operate at a higher privilege level and therefore should be excluded from this restriction after review.

Check Content

Verify the VMM prevents all software from executing at higher privilege levels than users executing the software.

If it does not, this is a finding.

Fix Text

Configure the VMM to prevent all software from executing at higher privilege levels than users executing the software.