Biometric Auth Failure Allows Lockscreen Bypass on Android Devices

Biometric Auth Failure Allows Lockscreen Bypass on Android Devices

CVE-2023-20924 · MEDIUM Severity

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In (TBD) of (TBD), there is a possible way to bypass the lockscreen due to Biometric Auth Failure. This could lead to local escalation of privilege with physical access to the device with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-240428519References: N/A

Learn more about our Cis Benchmark Audit For Google Android.