ID

VAR-202006-0752


CVE

CVE-2019-19412


TITLE

plural Huawei Vulnerabilities in smartphones

Trust: 0.8

sources: JVNDB: JVNDB-2019-015648

DESCRIPTION

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en. plural Huawei There are unspecified vulnerabilities in smartphones.Information may be tampered with

Trust: 1.62

sources: NVD: CVE-2019-19412 // JVNDB: JVNDB-2019-015648

AFFECTED PRODUCTS

vendor:huaweimodel:leland-l21ascope:ltversion:8.0.0.135\(c185\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.159\(c185e2r1p12t8\)

Trust: 1.0

vendor:huaweimodel:florida-l21scope:ltversion:8.0.0.131\(c432\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.160\(c605\)

Trust: 1.0

vendor:huaweimodel:figo-l03scope:ltversion:9.1.0.130\(c605e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.148\(c635\)

Trust: 1.0

vendor:huaweimodel:bla-al00bscope:ltversion:9.0.0.181\(c00e88r2p15t8\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.155\(c605\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.168\(c432\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.160\(c605\)

Trust: 1.0

vendor:huaweimodel:florida-l23scope:ltversion:8.0.0.144\(c605\)

Trust: 1.0

vendor:huaweimodel:y7sscope:ltversion:9.1.0.124\(c636e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.165\(c605e2r1p12\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.157\(c432\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.172\(c636\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.168\(c432\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.147\(c461\)

Trust: 1.0

vendor:huaweimodel:alp-l29scope:ltversion:9.0.0.177\(c185e2r1p12t8\)

Trust: 1.0

vendor:huaweimodel:florida-l21scope:ltversion:8.0.0.132\(c185\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.160\(c185\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.168\(c636e7r1p13t8\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.172\(c636\)

Trust: 1.0

vendor:huaweimodel:alp-l09scope:ltversion:9.0.0.201\(c432e4r1p9\)

Trust: 1.0

vendor:huaweimodel:alp-l29scope:ltversion:9.0.0.195\(c636e2r1p12\)

Trust: 1.0

vendor:huaweimodel:figo-l21scope:ltversion:9.1.0.130\(c635e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:berkeley-l09scope:ltversion:8.0.0.172\(c432\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.156\(c605\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.147\(c461\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.155\(c185\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.160\(c185\)

Trust: 1.0

vendor:huaweimodel:leland-l22cscope:ltversion:9.1.0.118\(c636e4r1p1t8\)

Trust: 1.0

vendor:huaweimodel:alp-al00bscope:ltversion:9.0.0.181\(c00e87r2p20t8\)

Trust: 1.0

vendor:huaweimodel:florida-l21scope:ltversion:8.0.0.129\(c605\)

Trust: 1.0

vendor:huaweimodel:figo-l31scope:ltversion:9.1.0.130\(c432e8r1p5t8\)

Trust: 1.0

vendor:huaweimodel:berkeley-al20scope:ltversion:9.0.0.156\(c00e156r2p14t8\)

Trust: 1.0

vendor:huaweimodel:bla-l29cscope:ltversion:9.0.0.206\(c432e4r1p11\)

Trust: 1.0

vendor:huaweimodel:bla-l29cscope:ltversion:9.0.0.210\(c635e4r1p13\)

Trust: 1.0

vendor:huaweimodel:leland-al00ascope:ltversion:8.0.0.182\(c00\)

Trust: 1.0

vendor:huaweimodel:anne-al00scope:ltversion:8.0.0.168\(c00\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.168\(c782e3r1p11t8\)

Trust: 1.0

vendor:huaweimodel:p smartscope:ltversion:9.1.0.130\(c605e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:leland-l22ascope:ltversion:9.1.0.118\(c636e4r1p1t8\)

Trust: 1.0

vendor:huaweimodel:bla-l29cscope:ltversion:9.0.0.179\(c576e2r1p7t8\)

Trust: 1.0

vendor:huaweimodel:nova 3escope:ltversion:8.0.0.148\(zafc185\)

Trust: 1.0

vendor:huaweimodel:bla-l09cscope:ltversion:9.0.0.206\(c432e4r1p11\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.159\(c461e2r1p11t8\)

Trust: 1.0

vendor:huaweimodel:florida-l03scope:ltversion:9.1.0.121\(c605e5r1p1t8\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.196\(c635e2r1p11t8\)

Trust: 1.0

vendor:huaweimodel:figo-l23scope:ltversion:9.1.0.130\(c605e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:florida-l22scope:ltversion:8.0.0.132\(c636\)

Trust: 1.0

vendor:huaweimodel:bla-l09cscope:ltversion:9.0.0.177\(c185e2r1p13t8\)

Trust: 1.0

vendor:huaweimodel:bla-l29cscope:ltversion:9.0.0.194\(c185e2r1p13\)

Trust: 1.0

vendor:huaweimodel:p smartscope:ltversion:9.1.0.130\(c185e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:emily-l29cscope:ltversion:9.0.0.160\(c432e7r1p11t8\)

Trust: 1.0

vendor:huaweimodel:p20 litescope:ltversion:8.0.0.148\(zafc185\)

Trust: 1.0

vendor:huaweimodel:honor view 10scope:ltversion:9.0.0.202\(c567e6r1p12t8\)

Trust: 1.0

vendor:huaweimodel:leland-l31ascope:ltversion:8.0.0.139\(c432\)

Trust: 1.0

vendor:huaweimodel:leland-l21ascope:ltversion:9.1.0.118\(c636e4r1p1t8\)

Trust: 1.0

vendor:huaweimodel:berkeley-l09scope:ltversion:8.0.0.173\(c636\)

Trust: 1.0

vendor:huaweimodel:figo-l21scope:ltversion:9.1.0.130\(c185e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:p smartscope:ltversion:9.1.0.124\(c636e6r1p5t8\)

Trust: 1.0

vendor:huaweimodel:alp-al00bscope:eqversion:9.0.0.181(c00e87r2p20t8)

Trust: 0.8

vendor:huaweimodel:alp-l09scope:eqversion:9.0.0.201(c432e4r1p9)

Trust: 0.8

vendor:huaweimodel:alp-l29scope:eqversion:9.0.0.177(c185e2r1p12t8)

Trust: 0.8

vendor:huaweimodel:alp-l29scope:eqversion:9.0.0.195(c636e2r1p12)

Trust: 0.8

vendor:huaweimodel:anne-al00scope:eqversion:8.0.0.168(c00)

Trust: 0.8

vendor:huaweimodel:bla-al00bscope:eqversion:9.0.0.181(c00e88r2p15t8)

Trust: 0.8

vendor:huaweimodel:bla-l09cscope:eqversion:9.0.0.177(c185e2r1p13t8)

Trust: 0.8

vendor:huaweimodel:bla-l09cscope:eqversion:9.0.0.206(c432e4r1p11)

Trust: 0.8

vendor:huaweimodel:bla-l29cscope:eqversion:9.0.0.179(c576e2r1p7t8)

Trust: 0.8

vendor:huaweimodel:bla-l29cscope:eqversion:9.0.0.194(c185e2r1p13)

Trust: 0.8

vendor:huaweimodel:bla-l29cscope:eqversion:9.0.0.206(c432e4r1p11)

Trust: 0.8

vendor:huaweimodel:bla-l29cscope:eqversion:9.0.0.210(c635e4r1p13)

Trust: 0.8

sources: JVNDB: JVNDB-2019-015648 // NVD: CVE-2019-19412

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2019-19412
value: MEDIUM

Trust: 1.0

NVD: JVNDB-2019-015648
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-202001-783
value: MEDIUM

Trust: 0.6

nvd@nist.gov: CVE-2019-19412
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.0

NVD: JVNDB-2019-015648
severity: LOW
baseScore: 2.1
vectorString: AV:L/AC:L/AU:N/C:N/I:P/A:N
accessVector: LOCAL
accessComplexity: LOW
authentication: NONE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.8

nvd@nist.gov: CVE-2019-19412
baseSeverity: MEDIUM
baseScore: 4.6
vectorString: CVSS:3.1/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 0.9
impactScore: 3.6
version: 3.1

Trust: 1.0

NVD: JVNDB-2019-015648
baseSeverity: MEDIUM
baseScore: 4.6
vectorString: CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
attackVector: PHYSICAL
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: JVNDB: JVNDB-2019-015648 // CNNVD: CNNVD-202001-783 // NVD: CVE-2019-19412

PROBLEMTYPE DATA

problemtype:NVD-CWE-noinfo

Trust: 1.0

sources: NVD: CVE-2019-19412

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202001-783

CONFIGURATIONS

sources: JVNDB: JVNDB-2019-015648

PATCH

title:huawei-sa-20200115-01-frpurl:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en

Trust: 0.8

title:Multiple Huawei Product security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=107111

Trust: 0.6

sources: JVNDB: JVNDB-2019-015648 // CNNVD: CNNVD-202001-783

EXTERNAL IDS

db:NVDid:CVE-2019-19412

Trust: 2.4

db:JVNDBid:JVNDB-2019-015648

Trust: 0.8

db:CNNVDid:CNNVD-202001-783

Trust: 0.6

sources: JVNDB: JVNDB-2019-015648 // CNNVD: CNNVD-202001-783 // NVD: CVE-2019-19412

REFERENCES

url:https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en

Trust: 1.6

url:https://nvd.nist.gov/vuln/detail/cve-2019-19412

Trust: 1.4

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-19412

Trust: 0.8

url:https://www.huawei.com/cn/psirt/security-advisories/huawei-sa-20200115-01-frp-cn

Trust: 0.6

sources: JVNDB: JVNDB-2019-015648 // CNNVD: CNNVD-202001-783 // NVD: CVE-2019-19412

CREDITS

The vulnerability was discovered by Huawei internal testing.

Trust: 0.6

sources: CNNVD: CNNVD-202001-783

SOURCES

db:JVNDBid:JVNDB-2019-015648
db:CNNVDid:CNNVD-202001-783
db:NVDid:CVE-2019-19412

LAST UPDATE DATE

2024-11-23T22:11:28.102000+00:00


SOURCES UPDATE DATE

db:JVNDBid:JVNDB-2019-015648date:2020-07-02T00:00:00
db:CNNVDid:CNNVD-202001-783date:2021-01-05T00:00:00
db:NVDid:CVE-2019-19412date:2024-11-21T04:34:43.503

SOURCES RELEASE DATE

db:JVNDBid:JVNDB-2019-015648date:2020-07-02T00:00:00
db:CNNVDid:CNNVD-202001-783date:2020-01-15T00:00:00
db:NVDid:CVE-2019-19412date:2020-06-08T19:15:10.517