OnePlus is working on patching the other

Feb 10, 2017 08:05 GMT

A few days ago, we reported that OnePlus might have artificially tweaked its benchmark results, and today we have another piece of information that doesn’t favor the OnePlus 3. Apparently, two major vulnerabilities were found in the OnePlus 3’s bootloader.

OnePlus offers owners of its smartphones the option to unlock bootloaders without any special permissions or codes. An unlocked bootloader offers users the option to root their smartphones and make all sorts of tweaks and changes to the device’s software and settings.

However, security researcher Roee Hay (via AndroidPolice) has found that the OnePlus 3 and OnePlus 3T have two bootloader vulnerabilities that might affect the privacy of user data.

Malicious code can be run without resetting user data

Roee Hay found that he could install unverified boot images and disable the verified boot feature on the OnePlus 3 and OnePlus 3T using two native fastboot commands. This can be done without actually unlocking the bootloader with the user-accessible command.

This means that anyone can run malicious code on the two phones without first having to reset user data. One of the vulnerabilities affects OnePlus’ custom Oxygen OS versions 3.2 to 4.0.1, while the other plagues all Oxygen OS versions.

The second vulnerability allows users to disable dm-verity on the OnePlus 3 or OnePlus 3T and get access to the smartphone’s settings and apps, in order to execute highly privileged code or access main functions without the owner’s consent. These two vulnerabilities can be used together to access, modify and even copy user data.

OnePlus was informed about the first vulnerability and managed to patch it in a recent update. This means that OnePlus 3 and OnePlus 3T smartphones running OxygenOS 4.0.2 aren’t affected by this issue. But OnePlus has yet to patch the second vulnerability, although the company already acknowledged the issue and said that it would fix it in a future update. Other OnePlus smartphones don’t seem to be affected.