Factory Reset Protection Bypass in Huawei Smartphones
CVE-2018-7911

4.6MEDIUM

Key Information:

Vendor
McAfee
Status
Alp-al00b, Alp-al00b-rsc, Bla-tl00b, Charlotte-al00a, Emily-al00a,
Vendor
CVE Published:
23 October 2018

Summary

Certain Huawei smartphone models contain a Factory Reset Protection (FRP) bypass vulnerability. When users attempt to reconfigure their devices using the FRP function, an attacker can exploit this flaw by initiating the configuration flow through the Gaode Map application. This allows unauthorized updates to the Google account, effectively circumventing the intended protections of FRP.

Affected Version(s)

ALP-AL00B, ALP-AL00B-RSC, BLA-TL00B, Charlotte-AL00A, Emily-AL00A, ALP-AL00B 8.0.0.106(C00), 8.0.0.113(SP2C00), 8.0.0.113(SP3C00), 8.0.0.113(SP7C00), 8.0.0.118(C00), 8.0.0.120(SP2C00), 8.0.0.125(SP1C00), 8.0.0.125(SP3C00), 8.0.0.126(SP2C00), 8.0.0.126(SP5C00), 8.0.0.127(SP1C00), 8.0.0.128(SP2C00), ALP-AL00B-RSC 1.0.0.2, BLA-TL00B 8.0.0.113(SP7C01), 8.0.0.118(C01), 8.0.0.120(SP2C01), 8.0.0.125(SP1C01), 8.0.0.125(SP2C01), 8.0.0.125(SP3C01), 8.0.0.126(SP2C01), 8.0.0.126(SP5C01), 8.0.0.127(SP1C01), 8.0.0.128(SP2C01), 8.0.0.129(SP2C01), Charlotte-AL00A 8.1.0.105(SP7C00), 8.1.0.106(SP3C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP3C00), 8.1.0.108(SP6C00), 8.1.0.109(SP2C00), Emily-AL00A 8.1.0.105(SP6C00), 8.1.0.106(SP2C00), 8.1.0.107(SP5C00), 8.1.0.107(SP7C00), 8.1.0.108(SP2C00), 8.1.0.108(SP6C00), 8.1.0.109(SP5C00)

References

http://www.huawei.com/en/psirt/security-advisories/huawei...
x_refsource_CONFIRM

CVSS V3.1

Score:
4.6
Severity:
MEDIUM
Confidentiality:
None
Integrity:
High
Availability:
None
Attack Vector:
Physical
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.