CVE-2023-21068

Name of the Vulnerable Software and Affected Versions Android versions prior to the fixed version

Description The issue allows for local escalation of privilege due to a missing warning to the user, enabling the device to boot with a hidden debug policy. This can be exploited by preparing the device, hiding the warning, and then passing it to a new user, requiring no additional execution privileges. User interaction is not necessary for exploitation.

Recommendations For Android versions prior to the fixed version, consider disabling the debug policy feature until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.