Huawei P20 prior 9.0.0.167(C00E81R1P21T8) Factory Reset Protection access control

EntryeditHistoryDiffjsonxmlCTI

A vulnerability classified as critical was found in Huawei P20 (Smartphone Operating System). Affected by this vulnerability is an unknown functionality of the component Factory Reset Protection. Upgrading to version 9.0.0.167(C00E81R1P21T8) eliminates this vulnerability.

Timeline

The analysis of the timeline helps to identify the required approach and handling of single vulnerabilities and vulnerability collections. This overview makes it possible to see less important slices and more severe hotspots at a glance. Initiating immediate vulnerability response and prioritizing of issues is possible.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
903201906/19/2020VulD...confirm_urlhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190228-01-smartphone-enhuawei.com06/19/2020accepted100
903203606/05/2019VulD...cvss3_nvd_basescore4.6nist.gov06/05/2019accepted90
903203506/05/2019VulD...0day_days9606/05/2019accepted90
903203406/05/2019VulD...cvss3_vuldb_rcX06/05/2019accepted90
903203306/05/2019VulD...cvss3_vuldb_rlO06/05/2019accepted90
903203206/05/2019VulD...cvss3_vuldb_eX06/05/2019accepted90
903203106/05/2019VulD...cvss2_vuldb_rcND06/05/2019accepted90
903203006/05/2019VulD...cvss2_vuldb_rlOF06/05/2019accepted90
903202906/05/2019VulD...cvss2_vuldb_eND06/05/2019accepted90
903202806/05/2019VulD...locationWebsite06/05/2019accepted90
903202706/05/2019VulD...seealso13595206/05/2019accepted100
903202606/05/2019VulD...osvdb_titleHuawei P20 smartphones Factory Reset Protection (FRP) security bypass06/05/2019accepted100
903202506/05/2019VulD...cve_nvd_summaryThere is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone.mitre.org06/05/2019accepted100
903202406/05/2019VulD...cve_assigned1546560000mitre.org06/05/2019accepted100
903202306/05/2019VulD...cveCVE-2019-5306mitre.org06/05/2019accepted100
903202206/05/2019VulD...upgrade_version9.0.0.167(C00E81R1P21T8)06/05/2019accepted100
903202106/05/2019VulD...nameUpgrade06/05/2019accepted100
903202006/05/2019VulD...price_0day$5k-$25ksee documentation06/05/2019accepted100
903201806/05/2019VulD...urlhttps://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190228-01-smartphone-enhuawei.com06/05/2019accepted100
903201706/05/2019VulD...date1559606400 (06/04/2019)06/05/2019accepted100

Do you want to use VulDB in your project?

Use the official API to access entries easily!