U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Vulnerability Change Records for CVE-2019-19412

Change History

CVE Modified by Huawei Technologies 7/08/2020 12:15:10 PM

Action Type Old Value New Value
Changed Description
Some Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. The affected products and versions are: ALP-AL00B Versions earlier than 9.0.0.181(C00E87R2P20T8) ALP-L09 Versions earlier than 9.0.0.201(C432E4R1P9) ALP-L29 Versions earlier than 9.0.0.177(C185E2R1P12T8), Versions earlier than 9.0.0.195(C636E2R1P12) Anne-AL00 Versions earlier than 8.0.0.168(C00) BLA-AL00B Versions earlier than 9.0.0.181(C00E88R2P15T8) BLA-L09C Versions earlier than 9.0.0.177(C185E2R1P13T8), Versions earlier than 9.0.0.206(C432E4R1P11) BLA-L29C Versions earlier than 9.0.0.179(C576E2R1P7T8), Versions earlier than 9.0.0.194(C185E2R1P13), Versions earlier than 9.0.0.206(C432E4R1P11), Versions earlier than 9.0.0.210(C635E4R1P13) Berkeley-AL20 Versions earlier than 9.0.0.156(C00E156R2P14T8) Berkeley-L09 Versions earlier than 8.0.0.172(C432), Versions earlier than 8.0.0.173(C636) Emily-L29C Versions earlier than 9.0.0.159(C185E2R1P12T8), Versions earlier than 9.0.0.159(C461E2R1P11T8), Versions earlier than 9.0.0.160(C432E7R1P11T8), Versions earlier than 9.0.0.165(C605E2R1P12), Versions earlier than 9.0.0.168(C636E7R1P13T8), Versions earlier than 9.0.0.168(C782E3R1P11T8), Versions earlier than 9.0.0.196(C635E2R1P11T8) Figo-L03 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L21 Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C635E6R1P5T8) Figo-L23 Versions earlier than 9.1.0.130(C605E6R1P5T8) Figo-L31 Versions earlier than 9.1.0.130(C432E8R1P5T8) Florida-L03 Versions earlier than 9.1.0.121(C605E5R1P1T8) Florida-L21 Versions earlier than 8.0.0.129(C605), Versions earlier than 8.0.0.131(C432), Versions earlier than 8.0.0.132(C185) Florida-L22 Versions earlier than 8.0.0.132(C636) Florida-L23 Versions earlier than 8.0.0.144(C605) HUAWEI P smart Versions earlier than 9.1.0.130(C185E6R1P5T8), Versions earlier than 9.1.0.130(C605E6R1P5T8) HUAWEI P smart, HUAWEI Y7s Versions earlier than 9.1.0.124(C636E6R1P5T8) HUAWEI P20 lite Versions earlier than 8.0.0.148(C635), Versions earlier than 8.0.0.155(C185), Versions earlier than 8.0.0.155(C605), Versions earlier than 8.0.0.156(C605), Versions earlier than 8.0.0.157(C432) HUAWEI nova 3e, HUAWEI P20 lite Versions earlier than 8.0.0.147(C461), Versions earlier than 8.0.0.148(ZAFC185), Versions earlier than 8.0.0.160(C185), Versions earlier than 8.0.0.160(C605), Versions earlier than 8.0.0.168(C432), Versions earlier than 8.0.0.172(C636) Honor View 10 Versions earlier than 9.0.0.202(C567E6R1P12T8) Leland-AL00A Versions earlier than 8.0.0.182(C00) Leland-L21A Versions earlier than 8.0.0.135(C185), Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22A Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L22C Versions earlier than 9.1.0.118(C636E4R1P1T8) Leland-L31A Versions earlier than 8.0.0.139(C432)
Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.