CVE-2021-0568

Name of the Vulnerable Software and Affected Versions: Android versions Android-11

Description: The issue is related to a missing permission check in the DevicePolicyManagerService.java file, which could allow for the enabling of disabled profiles. This could lead to a local escalation of privilege without requiring any additional execution privileges. The exploitation of this issue does not require user interaction.

Recommendations: For Android version Android-11, consider restricting access to the DevicePolicyManagerService until a patch is available. As a temporary workaround, review and restrict any profiles that could be exploited due to the missing permission check. At the moment, there is no information about a newer version that contains a fix for this vulnerability.