Factory Reset Protection (FRP) bypass in Huawei Smart Phones



Published: 2020-01-16
Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2019-19412
CWE-ID CWE-254
Exploitation vector Local
Public exploit N/A
Vulnerable software
Subscribe 		Huawei P-smart
Client/Desktop applications / Multimedia software

Huawei Honor V10
Client/Desktop applications / Multimedia software

Huawei ALP-AL00B
Client/Desktop applications / Multimedia software

Huawei ALP-L09
Client/Desktop applications / Multimedia software

Huawei ALP-L29
Client/Desktop applications / Multimedia software

Huawei Anne-AL00
Client/Desktop applications / Multimedia software

Huawei BLA-L09C
Client/Desktop applications / Multimedia software

Huawei BLA-L29C
Client/Desktop applications / Multimedia software

Huawei Berkeley-AL20
Client/Desktop applications / Multimedia software

Huawei Berkeley-L09
Client/Desktop applications / Multimedia software

Huawei Emily-L29C
Client/Desktop applications / Multimedia software

Huawei Figo-L03
Client/Desktop applications / Multimedia software

Huawei Figo-L21
Client/Desktop applications / Multimedia software

Huawei Figo-L23
Client/Desktop applications / Multimedia software

Huawei Figo-L31
Client/Desktop applications / Multimedia software

Huawei Florida-L03
Client/Desktop applications / Multimedia software

Huawei Florida-L21
Client/Desktop applications / Multimedia software

Huawei Florida-L22
Client/Desktop applications / Multimedia software

Huawei Florida-L23
Client/Desktop applications / Multimedia software

Huawei Y7s
Client/Desktop applications / Multimedia software

Huawei P20 lite
Client/Desktop applications / Multimedia software

Huawei nova 3e
Client/Desktop applications / Multimedia software

Huawei Leland-AL00A
Client/Desktop applications / Multimedia software

Huawei Leland-L21A
Client/Desktop applications / Multimedia software

Huawei Leland-L22A
Client/Desktop applications / Multimedia software

Huawei Leland-L22C
Client/Desktop applications / Multimedia software

Huawei Leland-L31A
Client/Desktop applications / Multimedia software

Vendor Huawei

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Security Features

EUVDB-ID: #VU24337

Risk: Low

CVSSv3.1: 4 [CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2019-19412

CWE-ID: CWE-254 - Security Features

Exploit availability: No

Description

The vulnerability allows a local attacker to bypass the FRP function.

The vulnerability exists due to a Factory Reset Protection (FRP) security bypass. When re-configuring the mobile phone using the FRP function, an attacker with physical access to the device can login the Talkback mode, perform some operations to install a third-Party application and bypass the FRP function.

Mitigation

Install updates from vendor's website.

Vulnerable software versions

Huawei P-smart: before 9.1.0.130

Huawei Honor V10: before 9.0.0.202

Huawei ALP-AL00B: before 9.0.0.181

Huawei ALP-L09: before 9.0.0.201

Huawei ALP-L29: before 9.0.0.195

Huawei Anne-AL00: before 8.0.0.168

Huawei BLA-L09C: before 9.0.0.206

Huawei BLA-L29C: before 9.0.0.210

Huawei Berkeley-AL20: before 9.0.0.156

Huawei Berkeley-L09: before 8.0.0.173

Huawei Emily-L29C: before 9.0.0.193

Huawei Figo-L03: before 9.1.0.130

Huawei Figo-L21: before 9.1.0.130

Huawei Figo-L23: before 9.1.0.130

Huawei Figo-L31: before 9.1.0.130

Huawei Florida-L03: before 9.1.0.121

Huawei Florida-L21: before 8.0.0.132

Huawei Florida-L22: before 8.0.0.132

Huawei Florida-L23: before 8.0.0.144

Huawei Y7s: before 9.1.0.124

Huawei P20 lite: before 8.0.0.172

Huawei nova 3e: before 8.0.0.172

Huawei Leland-AL00A: before 8.0.0.182

Huawei Leland-L21A: before 9.1.0.118

Huawei Leland-L22A: before 9.1.0.118

Huawei Leland-L22C: before 9.1.0.118

Huawei Leland-L31A: before 8.0.0.139

External links

http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en


Q & A

Can this vulnerability be exploited remotely?

No. The attacker should have physical access to the system in order to successfully exploit this vulnerability.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###