CVE-2019-19412

4.6MEDIUM

Key Information:

Vendor: Huawei
Status: Alp-al00b; Alp-l09; Alp-l29; Anne-al00
Vendor: CVE Published:; 8 June 2020

Summary

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.

Affected Version(s)

ALP-AL00B earlier than 9.0.0.181(C00E87R2P20T8)

ALP-L09 earlier than 9.0.0.201(C432E4R1P9)

ALP-L29 earlier than 9.0.0.177(C185E2R1P12T8)

References

https://www.huawei.com/en/psirt/security-advisories/huawe...

x_refsource_CONFIRM

CVSS V3.1

Score:

4.6

Severity:

MEDIUM

Confidentiality:

None

Integrity:

High

Availability:

None

Attack Vector:

Physical

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Jun 8, 2020
Vulnerability Reserved
Nov 29, 2019