Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2019-5297

Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone.

Published

2019-06-04T19:29:00.507

Last Modified

2024-11-21T04:44:41.743

Status

Modified

Source

[email protected]

Severity

CVSSv3.0: 4.6 (MEDIUM)

CVSSv2 Vector

AV:L/AC:L/Au:N/C:N/I:P/A:N

Access Vector: LOCAL
Access Complexity: LOW
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: PARTIAL
Availability Impact: NONE

Exploitability Score

3.9

Impact Score

2.9

Weaknesses

Type: Primary
NVD-CWE-noinfo

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Operating System	huawei	emily-l29c_firmware	< 9.0.0.159	Yes
Hardware	huawei	emily-l29c	-	No

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190305-01-frp-en Vendor Advisory ([email protected])
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190305-01-frp-en Vendor Advisory (af854a3a-2127-422b-91ae-364da2661108)