EVA-L09 smartphones with software Earlier than EVA-L09C25B150CUSTC25D003 versions,Earlier than EVA-L09C440B140 versions,Earlier than EVA-L09C464B361 versions,Earlier than EVA-L09C675B320CUSTC675D004 versions have Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can login the Swype and can perform some operations to update the Google account. As a result, the FRP function is bypassed.
2017-11-22T19:29:03.740
2025-04-20T01:37:25.860
Deferred
CVSSv3.0: 4.6 (MEDIUM)
AV:L/AC:L/Au:N/C:N/I:C/A:N
3.9
6.9
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Operating System | huawei | eva-l09 | < eva-l09c25b150custc25d003 | Yes |
| Hardware | huawei | eva-l09 | - | No |
| Operating System | huawei | eva-l09 | < eva-l09c440b140 | Yes |
| Hardware | huawei | eva-l09 | - | No |
| Operating System | huawei | eva-l09 | < eva-l09c464b361 | Yes |
| Hardware | huawei | eva-l09 | - | No |
| Operating System | huawei | eva-l09 | < l09c675b320custc675d004 | Yes |
| Hardware | huawei | eva-l09 | - | No |