CVE-2019-19412
First published: Mon Jun 08 2020(Updated: )
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei ALP-AL00B-RSC Firmware | <9.0.0.181\(c00e87r2p20t8\) | |
| Huawei ALP-AL00B-RSC Firmware | ||
| Huawei ALP-L09 | <9.0.0.201\(c432e4r1p9\) | |
| Huawei ALP-L09 firmware | ||
| Huawei Vie-l29 Firmware | <9.0.0.177\(c185e2r1p12t8\) | |
| Huawei ALP-L29 | ||
| Huawei Vie-l29 Firmware | <9.0.0.195\(c636e2r1p12\) | |
| Huawei Anne-AL00 | <8.0.0.168\(c00\) | |
| Huawei Anne-AL00 Firmware | ||
| Huawei BLA-AL00B Firmware | <9.0.0.181\(c00e88r2p15t8\) | |
| Huawei BLA-AL00B Firmware | ||
| Huawei BLA-L09C | <9.0.0.177\(c185e2r1p13t8\) | |
| Huawei BLA-L09C Firmware | ||
| Huawei BLA-L09C | <9.0.0.206\(c432e4r1p11\) | |
| Huawei BLA-L29C Firmware | <9.0.0.179\(c576e2r1p7t8\) | |
| Huawei BLA-L29 | ||
| Huawei BLA-L29C Firmware | <9.0.0.194\(c185e2r1p13\) | |
| Huawei BLA-L29C Firmware | <9.0.0.206\(c432e4r1p11\) | |
| Huawei BLA-L29C Firmware | <9.0.0.210\(c635e4r1p13\) | |
| Huawei Berkeley-AL20 Firmware | <9.0.0.156\(c00e156r2p14t8\) | |
| Huawei Berkeley-AL20 Firmware | ||
| Huawei P10 Firmware | <8.0.0.172\(c432\) | |
| Huawei P10 | ||
| Huawei P10 Firmware | <8.0.0.173\(c636\) | |
| Huawei Emily-L29C Firmware | <9.0.0.159\(c185e2r1p12t8\) | |
| Huawei Emily-L29C Firmware | ||
| Huawei Emily-L29C Firmware | <9.0.0.159\(c461e2r1p11t8\) | |
| Huawei Emily-L29C Firmware | <9.0.0.160\(c432e7r1p11t8\) | |
| Huawei Emily-L29C Firmware | <9.0.0.165\(c605e2r1p12\) | |
| Huawei Emily-L29C Firmware | <9.0.0.168\(c636e7r1p13t8\) | |
| Huawei Emily-L29C Firmware | <9.0.0.168\(c782e3r1p11t8\) | |
| Huawei Emily-L29C Firmware | <9.0.0.196\(c635e2r1p11t8\) | |
| Huawei Figo L03 | <9.1.0.130\(c605e6r1p5t8\) | |
| Huawei Figo-L03 Firmware | ||
| Huawei Figo-L21 Firmware | <9.1.0.130\(c185e6r1p5t8\) | |
| Huawei Figo-L21 Firmware | ||
| Huawei Figo-L21 Firmware | <9.1.0.130\(c635e6r1p5t8\) | |
| Huawei Figo-L23 | <9.1.0.130\(c605e6r1p5t8\) | |
| Huawei Figo | ||
| Huawei Figo-L31 | <9.1.0.130\(c432e8r1p5t8\) | |
| Huawei Figo | ||
| Huawei Florida | <9.1.0.121\(c605e5r1p1t8\) | |
| Huawei Florida L03 | ||
| Huawei Florida | <8.0.0.129\(c605\) | |
| Huawei Florida | ||
| Huawei Florida | <8.0.0.131\(c432\) | |
| Huawei Florida | <8.0.0.132\(c185\) | |
| Huawei Florida | <8.0.0.132\(c636\) | |
| Huawei Florida-L22 Firmware | ||
| Huawei Florida | <8.0.0.144\(c605\) | |
| Huawei Florida | ||
| Huawei P Smart Firmware | <9.1.0.130\(c185e6r1p5t8\) | |
| Huawei P Smart Firmware | ||
| Huawei P Smart Firmware | <9.1.0.130\(c605e6r1p5t8\) | |
| Huawei P Smart Firmware | <9.1.0.124\(c636e6r1p5t8\) | |
| Huawei Y7s | <9.1.0.124\(c636e6r1p5t8\) | |
| Huawei Y7s Firmware | ||
| Huawei P20 Lite | <8.0.0.148\(c635\) | |
| Huawei P20 Lite Firmware | ||
| Huawei P20 Lite | <8.0.0.155\(c185\) | |
| Huawei P20 Lite | <8.0.0.155\(c605\) | |
| Huawei P20 Lite | <8.0.0.156\(c605\) | |
| Huawei P20 Lite | <8.0.0.157\(c432\) | |
| Huawei Nova 3i firmware | <8.0.0.147\(c461\) | |
| Huawei Nova 3e Firmware | ||
| Huawei Nova 3i firmware | <8.0.0.148\(zafc185\) | |
| Huawei Nova 3i firmware | <8.0.0.160\(c185\) | |
| Huawei Nova 3i firmware | <8.0.0.160\(c605\) | |
| Huawei Nova 3i firmware | <8.0.0.168\(c432\) | |
| Huawei Nova 3i firmware | <8.0.0.172\(c636\) | |
| Huawei P20 Lite | <8.0.0.147\(c461\) | |
| Huawei P20 Lite | <8.0.0.148\(zafc185\) | |
| Huawei P20 Lite | <8.0.0.160\(c185\) | |
| Huawei P20 Lite | <8.0.0.160\(c605\) | |
| Huawei P20 Lite | <8.0.0.168\(c432\) | |
| Huawei P20 Lite | <8.0.0.172\(c636\) | |
| Huawei Honor View 10 | <9.0.0.202\(c567e6r1p12t8\) | |
| Huawei Honor V10 Firmware | ||
| Huawei Leland-al00a | <8.0.0.182\(c00\) | |
| Huawei Leland AL00 | ||
| Huawei Leland Firmware | <8.0.0.135\(c185\) | |
| Huawei Leland-L21A Firmware | ||
| Huawei Leland Firmware | <9.1.0.118\(c636e4r1p1t8\) | |
| Huawei Leland L22A | <9.1.0.118\(c636e4r1p1t8\) | |
| Huawei Leland L22A | ||
| Huawei Leland P-L22C | <9.1.0.118\(c636e4r1p1t8\) | |
| Huawei Leland p-l22c | ||
| Huawei Leland | <8.0.0.139\(c432\) | |
| Huawei Leland-L31A Firmware |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the severity of CVE-2019-19412?
CVE-2019-19412 has a medium severity rating due to the potential exploitation for bypassing factory reset protection on affected Huawei devices.
How do I fix CVE-2019-19412?
To fix CVE-2019-19412, ensure that your Huawei device firmware is updated to a version that addresses this vulnerability.
Which Huawei devices are affected by CVE-2019-19412?
CVE-2019-19412 affects several Huawei device firmware versions, including ALP-AL00B, ALP-L09, ALP-L29, among others.
What actions can an attacker perform through CVE-2019-19412?
An attacker can exploit CVE-2019-19412 to bypass Factory Reset Protection and install unauthorized third-party applications.
Is there a permanent solution for CVE-2019-19412?
The permanent solution for CVE-2019-19412 involves applying the latest security updates provided by Huawei for affected devices.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/author
- agent/references
- agent/last-modified-date
- agent/severity
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/huawei
- canonical/huawei alp-al00b-rsc firmware
- canonical/huawei alp-l09
- canonical/huawei alp-l09 firmware
- canonical/huawei vie-l29 firmware
- canonical/huawei alp-l29
- canonical/huawei anne-al00
- canonical/huawei anne-al00 firmware
- canonical/huawei bla-al00b firmware
- canonical/huawei bla-l09c
- canonical/huawei bla-l09c firmware
- canonical/huawei bla-l29c firmware
- canonical/huawei bla-l29
- canonical/huawei berkeley-al20 firmware
- canonical/huawei p10 firmware
- canonical/huawei p10
- canonical/huawei emily-l29c firmware
- canonical/huawei figo l03
- canonical/huawei figo-l03 firmware
- canonical/huawei figo-l21 firmware
- canonical/huawei figo-l23
- canonical/huawei figo
- canonical/huawei figo-l31
- canonical/huawei florida
- canonical/huawei florida l03
- canonical/huawei florida-l22 firmware
- canonical/huawei p smart firmware
- canonical/huawei y7s
- canonical/huawei y7s firmware
- canonical/huawei p20 lite
- canonical/huawei p20 lite firmware
- canonical/huawei nova 3i firmware
- canonical/huawei nova 3e firmware
- canonical/huawei honor view 10
- canonical/huawei honor v10 firmware
- canonical/huawei leland-al00a
- canonical/huawei leland al00
- canonical/huawei leland firmware
- canonical/huawei leland-l21a firmware
- canonical/huawei leland l22a
- canonical/huawei leland p-l22c
- canonical/huawei leland
- canonical/huawei leland-l31a firmware