59 matches found
EUVD-2017-14719
Malware in sbrugna...
EUVD-2017-14723
Malware in sbrugna...
EUVD-2017-15017
Malware in sbrugna...
EUVD-2017-14721
Malware in sbrugna...
EUVD-2017-14720
Malware in sbrugna...
EUVD-2017-14722
Malware in sbrugna...
CVE-2025-10184: OnePlus OxygenOS Telephony provider permission bypass (FIXED as of October 11, 2025)
Overview Rapid7 has identified a permission bypass vulnerability in multiple versions of OnePlus OxygenOS installed on its Android smartphones, across multiple devices. It is expected that a wider range of devices than those tested are affected. When leveraged, the vulnerability allows any...
OnePlus OxygenOS 安全漏洞
OnePlus OxygenOS is a smartphone operating system from Chinese company OnePlus. A security vulnerability exists in OnePlus OxygenOS, which stems from a lack of write access to multiple content providers and SQL injection in the update method of these providers, which could lead to the disclosure ...
OnePlus 6 Flaw Allows to Boot Any Image Even With Locked Bootloader
Have you recently bought a OnePlus 6? Don't leave your phone unattended. A serious vulnerability has been discovered in the OnePlus 6 bootloader that makes it possible for someone to boot arbitrary or modified images to take full admin control of your phone—even if the bootloader is locked. A...
Code injection
An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download EDL mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading partitions such as...
CVE-2017-5947
The CVE-2017-5947 issue affects OnePlus devices (OnePlus One, X, 2, 3, 3T, 5) running OxygenOS 5.0 and earlier. The root cause is the ability to force a reboot into Qualcomm Emergency Download (EDL) mode via ADB or Volume-Up when USB is connected, which can enable downgrading critical partitions ...
The vulnerability of the OxygenOS operating system in OnePlus 3 and 3T devices allows attackers to gain elevated privileges and expose sensitive information.
The vulnerability of the OxygenOS operating system in OnePlus 3 and 3T devices is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor, operating remotely, to gain root privileges and disclose sensitive information by replacing the device’s system...
The vulnerability of the OxygenOS operating system on OnePlus 3 and 3T devices, which allows a hacker to gain increased privileges
The vulnerability of the OxygenOS operating system in OnePlus 3 and 3T devices is related to deficiencies in access control. Exploiting this vulnerability can allow a malicious actor to gain root privileges and block notifications regarding the replacement of the system partition by using the...
OnePlus Left A Backdoor That Allows Root Access Without Unlocking Bootloader
Another terrible news for OnePlus users. Just over a month after OnePlus was caught collecting personally identifiable information on its users, the Chinese smartphone company has been found leaving a backdoor on almost all OnePlus handsets. A Twitter user, who goes by the name "Elliot Anderson"...
OnePlus Secretly Collects Way More Data Than It Should — Here’s How to Disable It
There is terrible news for all OnePlus lovers. Your OnePlus handset, running OxygenOS—the company's custom version of the Android operating system, is collecting way more data on its users than it requires. A recent blog post published today by security researcher Christopher Moore on his website...
Unspecified Vulnerability in OxygenOS and HydrogenOS OTAs for Multiple OnePlus Products
OnePlus One and others are smartphones from China's OnePlus Technology OnePlus.OxygenOS and HydrogenOS are both operating systems that come with them.HydrogenOS OTAs is a system update application in HydrogenOS. A security vulnerability exists in OxygenOS and HydrogenOS OTAs in multiple OnePlus...
OnePlus 3/3T OxygenOS SELinux Security Bypass(CVE-2017-5554)
Products OnePlus 3T OnePlus 3 Vulnerable Version OxygenOS prior to 4.0.2 Technical Details The attacker can reboot a OnePlus 3/3T device into the fastboot mode, which could be done without any authentication. A physical attacker can press the “Volume Up” button during device boot, where an attack...
OnePlus OTA Downgrade Vulnerability(CVE-2017-5948)
Products OnePlus 3T OnePlus 3 OnePlus 2 OnePlus X OnePlus One Vulnerable Version All OnePlus OxygenOS & HydrogenOS OTAs Technical Details lenient updater-script in the OnePlus OTAs which does not check that the current version is lower than or equal to the given image’s see below the 4.0.0...
OnePlus OTA OxygenOS/HydrogenOS Crossover Vulnerability(CVE-2017-8850)
Products OnePlus 3T OnePlus 3 OnePlus 2 OnePlus X OnePlus One Vulnerable Version All OnePlus OxygenOS & HydrogenOS OTAs Technical Details Due to lenient updater-script in the OnePlus OTA images see below, and the fact both ROMs use the same OTA verification keys, attackers can install HydrogenOS...
OnePlus 3/3T OxygenOS Unauthorized Flash Dumping via fastboot(CVE-2017-5625)
Products OnePlus 3T OnePlus 3 Vulnerable Version OxygenOS 4.0.2 and earlier Mitigation Install OxygenOS 4.0.3 or later Summary A physical attacker, PC malware / malicious charger having ADB or fastboot access to the device can cause a locked bootloader to partially dump the content of an arbitrar...