CVE-2018-7939

Huawei smart phones G9 Lite, Honor 5A, Honor 6X, Honor 8 with the versions before VNS-L53C605B120CUSTC605D103, the versions before CAM-L03C605B143CUSTC605D008, the versions before CAM-L21C10B145, the versions before CAM-L21C185B156, the versions before CAM-L21C223B133, the versions before CAM-L21C432B210, the versions before CAM-L21C464B170, the versions before CAM-L21C636B245, the versions before Berlin-L21C10B372, the versions before Berlin-L21C185B363, the versions before Berlin-L21C464B137, the versions before Berlin-L23C605B161, the versions before FRD-L09C10B387, the versions before FRD-L09C185B387, the versions before FRD-L09C432B398, the versions before FRD-L09C636B387, the versions before FRD-L19C10B387, the versions before FRD-L19C432B399, the versions before FRD-L19C636B387 have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can disable the boot wizard by enable the talkback function. As a result, the FRP function is bypassed.
Configurations

Configuration 1 (hide)

AND
cpe:2.3:o:huawei:g9_lite_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:g9_lite:-:*:*:*:*:*:*:*

Configuration 2 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 3 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 5 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 6 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 7 (hide)

AND
cpe:2.3:o:huawei:honor_5a:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 8 (hide)

AND
cpe:2.3:o:huawei:honor_5a_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_5a:-:*:*:*:*:*:*:*

Configuration 9 (hide)

AND
cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*

Configuration 10 (hide)

AND
cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*

Configuration 11 (hide)

AND
cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*

Configuration 12 (hide)

AND
cpe:2.3:o:huawei:honor_6x_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_6x:-:*:*:*:*:*:*:*

Configuration 13 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 14 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 15 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 16 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 17 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 18 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

Configuration 19 (hide)

AND
cpe:2.3:o:huawei:honor_8_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:huawei:honor_8:-:*:*:*:*:*:*:*

History

21 Nov 2024, 04:12

Type Values Removed Values Added
References () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180905-01-frpbypass-en - Vendor Advisory () http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20180905-01-frpbypass-en - Vendor Advisory

Information

Published : 2018-09-12 15:29

Updated : 2024-11-21 04:12


NVD link : CVE-2018-7939

Mitre link : CVE-2018-7939

CVE.ORG link : CVE-2018-7939


JSON object : View

Products Affected

huawei

  • honor_8
  • honor_5a
  • g9_lite
  • honor_6x_firmware
  • honor_5a_firmware
  • honor_8_firmware
  • g9_lite_firmware
  • honor_6x