ID HUAWEI-SA-20180822-01-FRPBYPASS
Type huawei
Reporter Huawei Technologies
Modified 2018-08-22T00:00:00
Description
Products
Switches
Routers
WLAN
Servers
See All
Solutions
Cloud Data Center
Enterprise Networking
Wireless Private Network
Solutions by Industry
See All
Services
Training and Certification
ICT Lifecycle Services
Technology Services
Industry Solution Services
See All
See all offerings at e.huawei.com
Need Support ?
Product Support
Software Download
Community
Tools
Go to Full Support
{"id": "HUAWEI-SA-20180822-01-FRPBYPASS", "bulletinFamily": "software", "title": "Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones", "description": "Products\n\nSwitches\nRouters\nWLAN\nServers\nSee All\n\n\n\nSolutions\n\nCloud Data Center\nEnterprise Networking\nWireless Private Network\nSolutions by Industry\nSee All\n\n\n\nServices\n\nTraining and Certification\nICT Lifecycle Services\nTechnology Services\nIndustry Solution Services\nSee All\n\n\n\nSee all offerings at e.huawei.com\n\n\n\nNeed Support ?\n\nProduct Support\nSoftware Download\nCommunity\nTools\n\nGo to Full Support", "published": "2018-08-22T00:00:00", "modified": "2018-08-22T00:00:00", "cvss": {"score": 4.9, "vector": "AV:LOCAL/AC:LOW/Au:NONE/C:NONE/I:COMPLETE/A:NONE/"}, "href": "https://www.huawei.com/en/psirt/security-advisories/2018/huawei-sa-20180822-01-frpbypass-en", "reporter": "Huawei Technologies", "references": [], "cvelist": ["CVE-2018-7911"], "type": "huawei", "lastseen": "2019-02-01T18:01:51", "edition": 1, "viewCount": 2, "enchantments": {"score": {"value": 5.6, "vector": "NONE", "modified": "2019-02-01T18:01:51", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-7911"]}], "modified": "2019-02-01T18:01:51", "rev": 2}, "vulnersScore": 5.6}, "affectedSoftware": [{"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.106(C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.125(SP1C00)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.107(SP7C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.113(SP2C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.120(SP2C01)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.126(SP2C01)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.105(SP7C00)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.108(SP6C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.126(SP5C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.120(SP2C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.125(SP1C01)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.113(SP7C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.128(SP2C00)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.109(SP2C00)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.108(SP6C00)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.108(SP3C00)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.107(SP5C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.126(SP5C01)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.106(SP3C00)"}, {"name": "Charlotte-AL00A", "operator": "eq", "version": "8.1.0.107(SP7C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.125(SP3C01)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.129(SP2C01)"}, {"name": "ALP-AL00B-RSC", "operator": "eq", "version": "1.0.0.2"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.126(SP2C00)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.106(SP2C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.128(SP2C01)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.108(SP2C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.125(SP3C00)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.105(SP6C00)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.107(SP5C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.127(SP1C00)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.113(SP3C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.118(C01)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.113(SP7C01)"}, {"name": "Emily-AL00A", "operator": "eq", "version": "8.1.0.109(SP5C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.127(SP1C01)"}, {"name": "ALP-AL00B", "operator": "eq", "version": "8.0.0.118(C00)"}, {"name": "BLA-TL00B", "operator": "eq", "version": "8.0.0.125(SP2C01)"}]}
{"cve": [{"lastseen": "2021-02-02T06:52:42", "description": "Some Huawei smart phones ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00) have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the configuration flow by Gaode Map and can perform some operations to update the Google account. As a result, the FRP function is bypassed.", "edition": 5, "cvss3": {"exploitabilityScore": 0.9, "cvssV3": {"baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "PHYSICAL", "availabilityImpact": "NONE", "integrityImpact": "HIGH", "baseScore": 4.6, "privilegesRequired": "NONE", "vectorString": "CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", "userInteraction": "NONE", "version": "3.0"}, "impactScore": 3.6}, "published": "2018-10-23T14:29:00", "title": "CVE-2018-7911", "type": "cve", "cwe": ["NVD-CWE-noinfo"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 3.9, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "COMPLETE", "baseScore": 4.9, "vectorString": "AV:L/AC:L/Au:N/C:N/I:C/A:N", "version": "2.0", "accessVector": "LOCAL", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 6.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2018-7911"], "modified": "2019-10-03T00:03:00", "cpe": ["cpe:/o:huawei:bla-tl00b_firmware:8.0.0.129\\(sp2c01\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.118\\(c01\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.113\\(sp2c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.108\\(sp2c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.113\\(sp3c00\\)", "cpe:/o:huawei:alp-al00b-rsc_firmware:1.0.0.2", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.106\\(sp3c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.127\\(sp1c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.109\\(sp5c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp2c01\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp3c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.107\\(sp5c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.128\\(sp2c01\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp2c01\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.106\\(sp2c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.126\\(sp2c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.125\\(sp3c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp1c01\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.125\\(sp1c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.126\\(sp5c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.105\\(sp6c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.118\\(c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.113\\(sp7c01\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.106\\(c00\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.109\\(sp2c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.127\\(sp1c01\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp5c01\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.120\\(sp2c01\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.105\\(sp7c00\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp7c00\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp6c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.108\\(sp6c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.120\\(sp2c00\\)", "cpe:/o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp3c01\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.113\\(sp7c00\\)", "cpe:/o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp5c00\\)", "cpe:/o:huawei:alp-al00b_firmware:8.0.0.128\\(sp2c00\\)", "cpe:/o:huawei:emily-al00a_firmware:8.1.0.107\\(sp7c00\\)"], "id": "CVE-2018-7911", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-7911", "cvss": {"score": 4.9, "vector": "AV:L/AC:L/Au:N/C:N/I:C/A:N"}, "cpe23": ["cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp3c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.109\\(sp5c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp7c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp3c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.107\\(sp5c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.125\\(sp3c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.108\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.120\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp2c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.105\\(sp7c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.127\\(sp1c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.118\\(c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.113\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.106\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp5c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.127\\(sp1c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.126\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.107\\(sp7c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.125\\(sp1c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp3c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.105\\(sp6c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.113\\(sp7c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:emily-al00a_firmware:8.1.0.108\\(sp6c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.126\\(sp5c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.118\\(c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.128\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.109\\(sp2c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.108\\(sp6c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.129\\(sp2c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.120\\(sp2c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.128\\(sp2c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.106\\(sp3c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.106\\(c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b_firmware:8.0.0.126\\(sp5c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp2c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:bla-tl00b_firmware:8.0.0.125\\(sp1c01\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:charlotte-al00a_firmware:8.1.0.107\\(sp7c00\\):*:*:*:*:*:*:*", "cpe:2.3:o:huawei:alp-al00b-rsc_firmware:1.0.0.2:*:*:*:*:*:*:*"]}]}