PT-2018-18338 · Huawei · Honor 6+3

Published

2018-09-12

·

Updated

2019-10-03

·

CVE-2018-7939

CVSS v2.0

4.9

Medium

VectorAV:L/AC:L/Au:N/C:N/I:C/A:N
Name of the Vulnerable Software and Affected Versions: Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before VNS-L53C605B120CUSTC605D103 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L03C605B143CUSTC605D008 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C10B145 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C185B156 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C223B133 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C432B210 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C464B170 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before CAM-L21C636B245 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before Berlin-L21C10B372 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before Berlin-L21C185B363 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before Berlin-L21C464B137 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before Berlin-L23C605B161 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L09C10B387 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L09C185B387 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L09C432B398 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L09C636B387 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L19C10B387 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L19C432B399 Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 versions before FRD-L19C636B387
Description: The issue is related to a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enabling the talkback function. As a result, the FRP function is bypassed.
Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Found an issue in the description? Have something to add? Feel free to write us 👾
dbugs@ptsecurity.com

Related Identifiers

CVE-2018-7939

Affected Products

G9 Lite
Honor 5A
Honor 6
Honor 8