MEDIUM🇵🇱 Wersja polska

CVE-2018-7939

CVSS 4.6v3.0pub. 2018-09-12upd. 2024-11-21

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.

CVSS Vector
CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
  • Huawei G9 Lite

    HW
    Huawei
    wszystkie wersje
  • Huawei G9 Lite Firmware

    OS
    Huawei
    < vns-l53c605b120custc605d103
  • Huawei Honor 5a

    HW
    Huawei
    < cam-l21c464b170
  • Huawei Honor 5a Firmware

    OS
    Huawei
    < cam-l21c223b133< cam-l21c432b210< cam-l21c636b245< cam-l03c605b143custc605d008< cam-l21c10b145< cam-l21c185b156
  • Huawei Honor 6x

    HW
    Huawei
    wszystkie wersje
  • Huawei Honor 6x Firmware

    OS
    Huawei
    < berlin-l23c605b161< berlin-l21c185b363< berlin-l21c464b137< berlin-l21c10b372
  • Huawei Honor 8

    HW
    Huawei
    wszystkie wersje
  • Huawei Honor 8 Firmware

    OS
    Huawei
    < frd-l19c10b387< frd-l19c432b399< frd-l19c636b387< frd-l09c10b387< frd-l09c185b387< frd-l09c432b398< frd-l09c636b387
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2017-8209HIGH7.8ten sam produkt

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, ve...

CVE-2017-2729HIGH7.8ten sam produkt

The boot loaders in Honor 5A smart phones with software Versions earlier than CAM-TL00C01B193,Versions earlier...

CVE-2017-8207HIGH7.8ten sam produkt

The driver of honor 5C, honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, v...

CVE-2017-8208HIGH7.8ten sam produkt

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, ve...

CVE-2017-8210HIGH7.8ten sam produkt

The driver of honor 5C,honor 6x Huawei smart phones with software of versions earlier than NEM-AL10C00B356, ve...