OnePlus 3/3T OxygenOS Unauthorized Boot Mode Changing (CVE-2017-5623)

Summary A physical attacker or one with authorized-ADB access, e.g. PC malware can change the ‘boot mode’ of a locked OnePlus 3/3T device, by rebooting into fastboot and issuing the fastboot oem bootmode rf/wlan/ftm/normal command. The vulnerability may allow the attacker to elevate his privilege...