Security feature bypass

2017-11-2219:29:00

PRIOn knowledge base

www.prio-n.com

4.7 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

29.4%

JSON

BTV-W09C229B002CUSTC229D005,BTV-W09C233B029, earlier than BTV-W09C100B006CUSTC100D002 versions, earlier than BTV-W09C128B003CUSTC128D002 versions, earlier than BTV-W09C199B002CUSTC199D002 versions, earlier than BTV-W09C209B005CUSTC209D001 versions, earlier than BTV-W09C331B002CUSTC331D001 versions, earlier than CRR-L09C432B390 versions, earlier than CRR-L09C605B355CUSTC605D003 versions have a Factory Reset Protection (FRP) bypass security vulnerability. When re-configuring the mobile phone using the factory reset protection (FRP) function, an attacker can perform some operations to update the Google account. As a result, the FRP function is bypassed.

CPENameOperatorVersion
beethoven-w09a_firmwareeqbtv-w9c229b2custc229d5
beethoven-w09a_firmwareeqbtv-w9c233b29
beethoven-w09a_firmwareeq< btv-w9c100b6custc100d2
beethoven-w09a_firmwareeq< btv-w9c128b3custc128d2
beethoven-w09a_firmwareeq< btv-w9c199b2custc199d2
beethoven-w09a_firmwareeq< btv-w9c209b5custc209d1
beethoven-w09a_firmwareeq< btv-w9c331b2custc331d1
crr-l09_firmwareeq< crr-l9c432b390
crr-l09_firmwareeq< crr-l9c605b355custc605d3

Name	Operator	Version
beethoven-w09a_firmware	eq	btv-w9c229b2custc229d5
beethoven-w09a_firmware	eq	btv-w9c233b29
beethoven-w09a_firmware	eq	< btv-w9c100b6custc100d2
beethoven-w09a_firmware	eq	< btv-w9c128b3custc128d2
beethoven-w09a_firmware	eq	< btv-w9c199b2custc199d2
beethoven-w09a_firmware	eq	< btv-w9c209b5custc209d1
beethoven-w09a_firmware	eq	< btv-w9c331b2custc331d1
crr-l09_firmware	eq	< crr-l9c432b390
crr-l09_firmware	eq	< crr-l9c605b355custc605d3