CVE-2019-5220
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
There is a Factory Reset Protection (FRP) bypass vulnerability on several smartphones. The system does not sufficiently verify the permission, an attacker could do a certain operation on certain step of setup wizard. Successful exploit could allow the attacker bypass the FRP protection. Affected products: Mate 20 X, versions earlier than Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versions earlier than Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versions earlier than Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2).
Hay una vulnerabilidad de omisión de la protección Factory Reset Protection (FRP) en varios teléfonos inteligentes. El sistema no comprueba de manera suficiente el permiso, un atacante podría realizar una determinada operación en cierto paso del asistente de configuración. La explotación con éxito podría permitir al atacante omitir la protección FRP. Productos afectados: Mate 20 X, versiones anteriores a Ever-AL00B 9.0.0.200(C00E200R2P1); Mate 20, versiones anteriores a Hima-AL00B/Hima-TL00B 9.0.0.200(C00E200R2P1); Honor Magic 2, versiones anteriores a Tony-AL00B/Tony-TL00B 9.0.0.182(C00E180R2P2)
CVSS Scores
SSVC
- Decision:-
Timeline
- 2019-01-04 CVE Reserved
- 2019-07-10 CVE Published
- 2023-03-08 EPSS Updated
- 2024-08-04 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-863: Incorrect Authorization
CAPEC
References (1)
URL | Tag | Source |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190626-01-frp-en | 2020-08-24 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Huawei Search vendor "Huawei" | Mate 20 X Firmware Search vendor "Huawei" for product "Mate 20 X Firmware" | < ever-al00b_9.0.0.200\(c00e200r2p1\) Search vendor "Huawei" for product "Mate 20 X Firmware" and version " < ever-al00b_9.0.0.200\(c00e200r2p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 20 X Search vendor "Huawei" for product "Mate 20 X" | - | - |
Safe
|
Huawei Search vendor "Huawei" | Mate 20 Firmware Search vendor "Huawei" for product "Mate 20 Firmware" | < hima-al00b\/hima-tl00b_9.0.0.200\(c00e200r2p1\) Search vendor "Huawei" for product "Mate 20 Firmware" and version " < hima-al00b\/hima-tl00b_9.0.0.200\(c00e200r2p1\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Mate 20 Search vendor "Huawei" for product "Mate 20" | - | - |
Safe
|
Huawei Search vendor "Huawei" | Honor Magic 2 Firmware Search vendor "Huawei" for product "Honor Magic 2 Firmware" | < tony-al00b\/tony-tl00b_9.0.0.182\(c00e180r2p2\) Search vendor "Huawei" for product "Honor Magic 2 Firmware" and version " < tony-al00b\/tony-tl00b_9.0.0.182\(c00e180r2p2\)" | - |
Affected
| in | Huawei Search vendor "Huawei" | Honor Magic 2 Search vendor "Huawei" for product "Honor Magic 2" | - | - |
Safe
|