CVE-2019-19412

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 92.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei Alp-al00b Firmware Huawei Alp-l09 Firmware Huawei Alp-l29 Firmware +51 more

Timeline

PublishedJun 8

Latest updateMay 24

Description

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.

CVSS vector

CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages54 packages

▶NVDhuawei/p_smart_firmware< 9.1.0.130\(c185e6r1p5t8\)+2

▶CVEListV5huawei/huawei_p_smartearlier than 9.1.0.130(C185E6R1P5T8), earlier than 9.1.0.130(C605E6R1P5T8)+1

▶NVDhuawei/y7s_firmware< 9.1.0.124\(c636e6r1p5t8\)

▶NVDhuawei/alp-l09_firmware< 9.0.0.201\(c432e4r1p9\)

▶NVDhuawei/alp-l29_firmware< 9.0.0.177\(c185e2r1p12t8\)+1

🔴Vulnerability Details

GHSA

GHSA-gvv5-wgp2-xf56: Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability↗2022-05-24

▶

CVEList

CVE-2019-19412: Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability↗2020-06-08

▶