Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
huaweiHuawei TechnologiesHUAWEI-SA-20200115-01-FRP
HistoryJan 15, 2020 - 12:00 a.m.

Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

2020-01-1500:00:00
Huawei Technologies
www.huawei.com
60

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

25.1%

JSON

There is a Factory Reset Protection (FRP) bypass security vulnerability in some Huawei smart phones. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. As a result, the FRP function is bypassed. (Vulnerability ID: HWPSIRT-2018-09212)

This vulnerability has been assigned a Common Vulnerabilities and Exposures (CVE) ID: CVE-2019-19412

Huawei has released software updates to fix this vulnerability. This advisory is available at the following link:
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en

Affected configurations

Vulners
Node
huaweialp-al00bRange<9.0.0.181
OR
huaweialp-l09Range<9.0.0.201
OR
huaweialp-l29Range<9.0.0.177
OR
huaweialp-l29Range<9.0.0.195
OR
huaweiwarsaw-al00Range<8.0.0.168
OR
huaweibla-al00bRange<9.0.0.181
OR
huaweibla-l09cRange<9.0.0.177
OR
huaweibla-l09cRange<9.0.0.206
OR
huaweibla-l29cRange<9.0.0.179
OR
huaweibla-l29cRange<9.0.0.194
OR
huaweibla-l29cRange<9.0.0.206
OR
huaweibla-l29cRange<9.0.0.210
OR
huaweiberkeley-al20Range<9.0.0.156
OR
huaweiberkeley-l09Range<8.0.0.172
OR
huaweiberkeley-l09Range<8.0.0.173
OR
huaweiemily-l29cRange<9.0.0.159
OR
huaweiemily-l29cRange<9.0.0.159
OR
huaweiemily-l29cRange<9.0.0.160
OR
huaweiemily-l29cRange<9.0.0.165
OR
huaweiemily-l29cRange<9.0.0.168
OR
huaweiemily-l29cRange<9.0.0.168
OR
huaweiemily-l29cRange<9.0.0.196
OR
huaweifigo-l03Range<9.1.0.130
OR
huaweifigo-l21Range<9.1.0.130
OR
huaweifigo-l21Range<9.1.0.130
OR
huaweifigo-l23Range<9.1.0.130
OR
huaweifigo-l31Range<9.1.0.130
OR
huaweiflorida-l03Range<9.1.0.121
OR
huaweiflorida-l21Range<8.0.0.129
OR
huaweiflorida-l21Range<8.0.0.131
OR
huaweiflorida-l21Range<8.0.0.132
OR
huaweiflorida-l22Range<8.0.0.132
OR
huaweiflorida-l23Range<8.0.0.144
OR
huaweipc_smart_full_sceneRange<9.1.0.130
OR
huaweipc_smart_full_sceneRange<9.1.0.130
OR
huaweipc_smart_full_sceneRange<9.1.0.124
OR
huaweihuawei_p20Range<8.0.0.148
OR
huaweihuawei_p20Range<8.0.0.155
OR
huaweihuawei_p20Range<8.0.0.155
OR
huaweihuawei_p20Range<8.0.0.156
OR
huaweihuawei_p20Range<8.0.0.157
OR
huaweihuawei_nova_3eRange<8.0.0.147
OR
huaweihuawei_nova_3eRange<8.0.0.148
OR
huaweihuawei_nova_3eRange<8.0.0.160
OR
huaweihuawei_nova_3eRange<8.0.0.160
OR
huaweihuawei_nova_3eRange<8.0.0.168
OR
huaweihuawei_nova_3eRange<8.0.0.172
OR
huaweihonor_view_10Range<9.0.0.202
OR
huaweivicky-al00aRange<8.0.0.182
OR
huaweileland-l21aRange<8.0.0.135
OR
huaweileland-l21aRange<9.1.0.118
OR
huaweileland-l22aRange<9.1.0.118
OR
huaweileland-l22cRange<9.1.0.118
OR
huaweileland-l31aRange<8.0.0.139

Related

nvd 1
prion 1
cve 1
cvelist 1
nvd
nvd
CVE-2019-19412
2020-06-08 19:15:10
prion
prion
Security feature bypass
2020-06-08 19:15:00
cve
cve
CVE-2019-19412
2020-06-08 19:15:10
cvelist
cvelist
CVE-2019-19412
2020-06-08 18:21:28

2.1 Low

CVSS2

Attack Vector

LOCAL

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:L/AC:L/Au:N/C:N/I:P/A:N

4.6 Medium

CVSS3

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

HIGH

Availability Impact

NONE

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

0.001 Low

EPSS

Percentile

25.1%

JSON
Related for HUAWEI-SA-20200115-01-FRP
nvd1prion1cve1cvelist1