CVE-2019-5297 — MEDIUM (4.6)

Q: How severe is CVE-2019-5297?

CVE-2019-5297 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2019-5297?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Emily-L29C Firmware, Huawei Emily-L29C.

Vulnerability Description

Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during the reset process, the attacker can perform some special operations to bypass the FRP function and obtain the right to use the mobile phone.

CVSS Score

4.6

MEDIUM

CVSS:3.0/AV:P/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Attack Vector

PHYSICAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

HIGH

Availability

NONE

Affected Products

Vendor	Product	Versions
Huawei	Emily-L29C Firmware	< 9.0.0.159
Huawei	Emily-L29C	-

References

https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190305-01-frp-enVendor Advisory
https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190305-01-frp-enVendor Advisory

FAQ

What is CVE-2019-5297?

CVE-2019-5297 is a vulnerability with a CVSS score of 4.6 (MEDIUM). Emily-L29C Huawei phones versions earlier than 9.0.0.159 (C185E2R1P12T8) have a Factory Reset Protection (FRP) bypass security vulnerability. Before the FRP account is verified and activated during th...

How severe is CVE-2019-5297?

CVE-2019-5297 has been rated MEDIUM with a CVSS base score of 4.6/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2019-5297?

Check the references section above for vendor advisories and patch information. Affected products include: Huawei Emily-L29C Firmware, Huawei Emily-L29C.