CVE-2019-5306
First published: Tue Jun 04 2019(Updated: )
There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone.
Credit: psirt@huawei.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Huawei P20 Firmware | <emily-al00a_9.0.0.167\(c00e81r1p21t8\) | |
| HUAWEI P20 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID of this security vulnerability?
The vulnerability ID of this security vulnerability is CVE-2019-5306.
What is the title of this security vulnerability?
The title of this security vulnerability is 'Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones'.
What is the severity of the vulnerability CVE-2019-5306?
The severity of the vulnerability CVE-2019-5306 is medium with a severity value of 4.6.
How can an attacker exploit this vulnerability?
An attacker can exploit this vulnerability by performing a series of operations to delete the activation lock.
Is there a fix available for this vulnerability?
Yes, a fix is available for this vulnerability. Please refer to the security advisory provided by Huawei for more information.
- collector/nvd-index
- agent/severity
- agent/references
- agent/author
- agent/type
- agent/tags
- agent/description
- agent/event
- agent/softwarecombine
- agent/first-publish-date
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/huawei
- canonical/huawei p20 firmware
- canonical/huawei p20