PT-2019-17512 · Huawei · Honor Magic2+1
Published
2019-07-10
·
Updated
2020-08-24
·
CVE-2019-5220
CVSS v3.1
4.6
Medium
| Vector | AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Mate 20 X versions earlier than 9.0.0.200(C00E200R2P1)
Mate 20 versions earlier than 9.0.0.200(C00E200R2P1)
Honor Magic 2 versions earlier than 9.0.0.182(C00E180R2P2)
Description
The issue is related to a Factory Reset Protection (FRP) bypass. It occurs because the system does not sufficiently verify permissions, allowing an attacker to perform a specific operation during a certain step of the setup wizard. Successful exploitation could enable the attacker to bypass FRP protection.
Recommendations
For Mate 20 X versions earlier than 9.0.0.200(C00E200R2P1), update to version 9.0.0.200(C00E200R2P1) or later.
For Mate 20 versions earlier than 9.0.0.200(C00E200R2P1), update to version 9.0.0.200(C00E200R2P1) or later.
For Honor Magic 2 versions earlier than 9.0.0.182(C00E180R2P2), update to version 9.0.0.182(C00E180R2P2) or later.
Fix
Incorrect Authorization
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Honor Magic2
Mate 20 X