CVE-2022-20268

Name of the Vulnerable Software and Affected Versions Android versions Android-13

Description In RestrictionsManager, there is a possible way to send a broadcast that should be restricted to system apps due to a permissions bypass. This could lead to local escalation of privilege on an enterprise managed device with no additional execution privileges needed. User interaction is not needed for exploitation.

Recommendations For Android version Android-13, consider restricting broadcasts to system apps to prevent local escalation of privilege until a patch is available. As a temporary workaround, review and limit the use of the RestrictionsManager to minimize the risk of exploitation.