PT-2019-17512 · Huawei · Honor Magic2+1
Publicado
2019-07-10
·
Atualizado
2020-08-24
·
CVE-2019-5220
CVSS v3.1
4.6
Média
| Vetor | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Mate 20 X versions earlier than 9.0.0.200(C00E200R2P1)
Mate 20 versions earlier than 9.0.0.200(C00E200R2P1)
Honor Magic 2 versions earlier than 9.0.0.182(C00E180R2P2)
Description
The issue is related to a Factory Reset Protection (FRP) bypass. It occurs because the system does not sufficiently verify permissions, allowing an attacker to perform a specific operation during a certain step of the setup wizard. Successful exploitation could enable the attacker to bypass FRP protection.
Recommendations
For Mate 20 X versions earlier than 9.0.0.200(C00E200R2P1), update to version 9.0.0.200(C00E200R2P1) or later.
For Mate 20 versions earlier than 9.0.0.200(C00E200R2P1), update to version 9.0.0.200(C00E200R2P1) or later.
For Honor Magic 2 versions earlier than 9.0.0.182(C00E180R2P2), update to version 9.0.0.182(C00E180R2P2) or later.
Correção
Incorrect Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Honor Magic2
Mate 20 X