Emily-AL00A 9.0.0.167 Security Bypass Restriction Vulnerability

Summary

There is a Factory Reset Protection (FRP) bypass security vulnerability in P20 Huawei smart phones versions before Emily-AL00A 9.0.0.167(C00E81R1P21T8). When re-configuring the mobile phone using the FRP function, an attacker can delete the activation lock after a series of operations. As a result, the FRP function is bypassed and the attacker gains access to the smartphone.

Credit:

The information has been provided by Huawei 
The original article can be found at: https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20190228-01-smartphone-en


Details

Emily-AL00A is prone to a bypass vulnerability. This allow an attacker to bypass detection or blocking system, which could allow malware to pass through the system undetected 

Vulnerable Systems:

  • Emily-AL00A 9.0.0.167

    CVE Information:
    CVE-2019-5306

    Disclosure Timeline:
    Publish Date:06/04/2019