Alessandro De Bartolo

**Name of the Vulnerable Software and Affected Versions** BTV-W09C229B002CUSTC229D005 BTV-W09C233B029 BTV-W09C100B006CUSTC100D002 versions earlier than BTV-W09C100B006CUSTC100D002 BTV-W09C128B003CUSTC128D002 versions earlier than BTV-W09C128B003CUSTC128D002 BTV-W09C199B002CUSTC199D002 versions earlier than BTV-W09C199B002CUSTC199D002 BTV-W09C209B005CUSTC209D001 versions earlier than BTV-W09C209B005CUSTC209D001 BTV-W09C331B002CUSTC331D001 versions earlier than BTV-W09C331B002CUSTC331D001 CRR-L09C432B390 versions earlier than CRR-L09C432B390 CRR-L09C605B355CUSTC605D003 versions earlier than CRR-L09C605B355CUSTC605D003 **Description** The issue concerns a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account, resulting in the FRP function being bypassed. **Recommendations** For BTV-W09C229B002CUSTC229D005, update to a version later than BTV-W09C229B002CUSTC229D005. For BTV-W09C233B029, update to a version later than BTV-W09C233B029. For versions earlier than BTV-W09C100B006CUSTC100D002, update to BTV-W09C100B006CUSTC100D002 or later. For versions earlier than BTV-W09C128B003CUSTC128D002, update to BTV-W09C128B003CUSTC128D002 or later. For versions earlier than BTV-W09C199B002CUSTC199D002, update to BTV-W09C199B002CUSTC199D002 or later. For versions earlier than BTV-W09C209B005CUSTC209D001, update to BTV-W09C209B005CUSTC209D001 or later. For versions earlier than BTV-W09C331B002CUSTC331D001, update to BTV-W09C331B002CUSTC331D001 or later. For versions earlier than CRR-L09C432B390, update to CRR-L09C432B390 or later. For versions earlier than CRR-L09C605B355CUSTC605D003, update to CRR-L09C605B355CUSTC605D003 or later.