CVE-2019-19412
MEDIUMHuawei ALP AL00B Firmware < 9.0.0.181(c00e87r2p20t8) - Factory Reset Protection Bypass via Talkback Mode
Title source: llmDescription
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
References (1)
Core 1
Core References
Vendor Advisory x_refsource_confirm
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en
Scores
CVSS v3
4.6
EPSS
0.0003
EPSS Percentile
8.1%
Attack Vector
PHYSICAL
CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
Details
Status
published
Products (28)
huawei/alp-al00b_firmware
< 9.0.0.181\(c00e87r2p20t8\)
huawei/alp-l09_firmware
< 9.0.0.201\(c432e4r1p9\)
huawei/alp-l29_firmware
< 9.0.0.177\(c185e2r1p12t8\)
huawei/anne-al00_firmware
< 8.0.0.168\(c00\)
huawei/berkeley-al20_firmware
< 9.0.0.156\(c00e156r2p14t8\)
huawei/berkeley-l09_firmware
< 8.0.0.172\(c432\)
huawei/bla-al00b_firmware
< 9.0.0.181\(c00e88r2p15t8\)
huawei/bla-l09c_firmware
< 9.0.0.177\(c185e2r1p13t8\)
huawei/bla-l29c_firmware
< 9.0.0.179\(c576e2r1p7t8\)
huawei/emily-l29c_firmware
< 9.0.0.159\(c185e2r1p12t8\)
... and 18 more
Published
Jun 08, 2020
Tracked Since
Feb 18, 2026