VYPR
← All advisories
Unrated severityNVD Advisory· Published Jun 8, 2020· Updated Aug 5, 2024

CVE-2019-19412

CVE-2019-19412

Description

Huawei smart phones have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker login the Talkback mode and can perform some operations to install a third-Party application. Affected products can be found in https://www.huawei.com/en/psirt/security-advisories/huawei-sa-20200115-01-frp-en.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Huawei smart phones can have their Factory Reset Protection (FRP) bypassed by an attacker in Talkback mode installing a third-party app.

Vulnerability

CVE-2019-19412 is a Factory Reset Protection (FRP) bypass vulnerability in Huawei smart phones running versions earlier than the fixed releases detailed below. When a device is being reconfigured using FRP, an attacker can enter Talkback mode and perform specific operations to install a third-party application, thereby circumventing the FRP security mechanism. Affected products include the ALP-AL00B, ALP-L09, ALP-L29, and other models listed in the vendor advisory; affected versions are those prior to the resolved versions, for example, ALP-AL00B versions before 9.0.0.181(C00E87R2P20T8) [1].

Exploitation

An attacker must have physical access to the locked device after a factory reset and must be able to enable Talkback mode (an accessibility feature). The attacker then performs a sequence of operations within Talkback that allows the installation of a third-party application, bypassing the normal FRP verification that would otherwise require the previous Google account credentials [1]. No additional network access or authentication is required beyond this physical access.

Impact

Successful exploitation allows the attacker to bypass the Factory Reset Protection mechanism, enabling normal use of the device without the original owner's credentials. The impact is primarily to device integrity and confidentiality, as the attacker can install arbitrary third-party applications and gain full user-level access to the device, including personal data.

Mitigation

Huawei has released software updates to fix this vulnerability. Users should update their devices to the resolved versions specified in the advisory, such as ALP-AL00B version 9.0.0.181(C00E87R2P20T8) or later. The advisory is available at the vendor's security page [1]. No workaround is described if the patch cannot be applied.

References
  1. Security Advisory - FRP Bypass Vulnerability in Huawei Smart Phones

AI Insight generated on May 26, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected products

29
  • Huawei/Smart Phonellm-fuzzy
  • Huawei/ALP-AL00Bcpe-rescue
    Range: earlier than 9.0.0.181(C00E87R2P20T8)
  • Huawei/ALP-L09cpe-rescue
    Range: earlier than 9.0.0.201(C432E4R1P9)
  • Huawei/ALP-L29v5
    Range: earlier than 9.0.0.177(C185E2R1P12T8)
  • Huawei/Anne-AL00cpe-rescue
    Range: earlier than 8.0.0.168(C00)
  • Huawei/Berkeley-AL20cpe-rescue
    Range: earlier than 9.0.0.156(C00E156R2P14T8)
  • Huawei/Berkeley-BDcpe-rescue
    Range: earlier than 8.0.0.172(C432)
  • Huawei/BLA-AL00Bcpe-rescue
    Range: earlier than 9.0.0.181(C00E88R2P15T8)
  • Huawei/BLA-L09Cv5
    Range: earlier than 9.0.0.177(C185E2R1P13T8)
  • Huawei/BLA-L29cpe-rescue
    Range: earlier than 9.0.0.179(C576E2R1P7T8)
  • Huawei/Emily-L29Ccpe-rescue
    Range: earlier than 9.0.0.159(C185E2R1P12T8)
  • Huawei/Figo-L03v5
    Range: earlier than 9.1.0.130(C605E6R1P5T8)
  • Huawei/Figo-L21v5
    Range: earlier than 9.1.0.130(C185E6R1P5T8)
  • Huawei/Figo-L23v5
    Range: earlier than 9.1.0.130(C605E6R1P5T8)
  • Huawei/Figo-L31v5
    Range: earlier than 9.1.0.130(C432E8R1P5T8)
  • Huawei/Florida-L03v5
    Range: earlier than 9.1.0.121(C605E5R1P1T8)
  • Huawei/Florida-L21v5
    Range: earlier than 8.0.0.129(C605)
  • Huawei/Florida-L22v5
    Range: earlier than 8.0.0.132(C636)
  • Huawei/Florida-L23v5
    Range: earlier than 8.0.0.144(C605)
  • Huawei/Honor View 20cpe-rescue
    Range: earlier than 9.0.0.202(C567E6R1P12T8)
  • Huawei/HUAWEI nova 3e,HUAWEI P20 litev5
    Range: earlier than 8.0.0.147(C461)
  • Huawei/HUAWEI P30 litecpe-rescue
    Range: earlier than 8.0.0.148(C635)
  • Huawei/HUAWEI P smartv5
    Range: earlier than 9.1.0.130(C185E6R1P5T8)
  • Huawei/HUAWEI P smart,HUAWEI Y7sv5
    Range: earlier than 9.1.0.124(C636E6R1P5T8)
  • Huawei/Leland-AL00cpe-rescue
    Range: earlier than 8.0.0.182(C00)
  • Huawei/Leland-L21Av5
    Range: earlier than 8.0.0.135(C185)
  • Huawei/Leland-L22Av5
    Range: earlier than 9.1.0.118(C636E4R1P1T8)
  • Huawei/Leland-L22Cv5
    Range: earlier than 9.1.0.118(C636E4R1P1T8)
  • Huawei/Leland-L31Av5
    Range: earlier than 8.0.0.139(C432)

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

1

News mentions

0

No linked articles in our index yet.