CVE-2019-5297
Published Jun 4, 2019
Last updated 4 years ago
Overview
- Description
- Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone.
- Source
- psirt@huawei.com
- NVD status
- Analyzed
Risk scores
CVSS 3.0
- Type
- Primary
- Base score
- 4.6
- Impact score
- 3.6
- Exploitability score
- 0.9
- Vector string
- CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 2.1
- Impact score
- 2.9
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:N/I:P/A:N
Weaknesses
- nvd@nist.gov
- NVD-CWE-noinfo
Social media
- Hype score
- Not currently trending
Configurations
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:huawei:emily-l29c_firmware:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "154669A5-8516-4622-BCC9-FADD258EB684",
"versionEndExcluding": "9.0.0.159"
}
],
"operator": "OR"
},
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:h:huawei:emily-l29c:-:*:*:*:*:*:*:*",
"vulnerable": false,
"matchCriteriaId": "5D370342-02DA-4859-B98B-0A3F78EACAEE"
}
],
"operator": "OR"
}
],
"operator": "AND"
}
]