CVE-2019-5306

3 documents3 sources

Severity

4.6MEDIUM

EPSS

0.0%

top 92.32%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Huawei P20 Firmware Huawei P20

Timeline

PublishedJun 4

Latest updateMay 24

Description

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone.

CVSS vector

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 0.9 | Impact: 3.6

Affected Packages2 packages

▶NVDhuawei/p20_firmware< emily-al00a_9.0.0.167\(c00e81r1p21t8\)

▶CVEListV5huawei/p20The versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8)

🔴Vulnerability Details

GHSA

GHSA-vj43-cv8g-grx7: There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9↗2022-05-24

▶

CVEList

CVE-2019-5306: There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9↗2019-06-04

▶