11 matches found
CVE-2017-5623
Technical details specific to CVE-2017-5623 are not provided in the connected documents. The materials discuss related CVEs and general context. Monitor for updates.
CVE-2017-5626
CVE-2017-5626 affects OnePlus OnePlus 3/3T with OxygenOS before 4.0.2. The vulnerability hinges on two hidden fastboot oem commands (4F500301 and 4F500302) that bypass the bootloader lock, ignore OEM Unlocking, and do not require user confirmation or data erasure. Exploitation was demonstrated by...
CVE-2017-5624
CVE-2017-5624 affects OnePlus 3/3T OxygenOS before 4.0.3, where the attacker can bypass dm-verity by issuing fastboot oem disable_dm_verity, causing the kernel to verify no partitions and enabling persistent code execution and privilege escalation. Public writeups describe a chain with CVE-2017-5...
CVE-2017-5622
CVE-2017-5622 (OnePlus 3/3T, OxygenOS prior to 4.0.3) describes a vulnerability where a charger connected to a powered‑off device enables adbd, allowing an attacker to open an ADB session without user authorization. The linked sources explain that OnePlus customized adbd to bypass ADB authorizati...
CVE-2017-5948
CVE-2017-5948 is a downgrade-attack vulnerability in OnePlus OxygenOS and HydrogenOS OTA updates. The root cause is a lenient updater-script in OTAs for OnePlus One, X, 2, 3, and 3T that does not enforce that the current version is
CVE-2016-10370
An issue linked to CVE-2016-10370 affects OnePlus OTA updaters on devices such as OnePlus 3/3T: the OTA image is delivered over HTTP without TLS, increasing the attack surface and enabling potential exploitation of other vulnerabilities (CVE-2017-5948, CVE-2017-8850, CVE-2017-8851). The root caus...
CVE-2017-8850
CVE-2017-8850 covers OnePlus OTA downgrade/crossover vulnerabilities caused by lenient updater-scripts and shared OTA keys across OxygenOS and HydrogenOS, enabling cross-flash of OTAs and MiTM abuse of the update channel. The issue affects OnePlus devices including OnePlus One, X, 2, 3, and 3T, w...
CVE-2017-8851
CVE-2017-8851 affects OnePlus One and OnePlus X. A lenient updater-script, shared OTA verification keys, and identical ro.build.product allow cross-flashing of OTAs between products, even with locked bootloaders. This enables MiTM targets of the update process and, since updates are not over TLS ...
CVE-2017-5554
The CVE covers OnePlus 3/3T devices running OxygenOS before 4.0.2. A physical attacker can boot into fastboot without authentication by pressing Volume Up during boot and using adb reboot bootloader. Once in fastboot, the attacker can issue fastboot oem selinux permissive to set SELinux to Permis...
CVE-2017-5625
The CVE affects OnePlus 3/3T devices running OxygenOS before 4.0.3. A compromised fastboot interface can allow an unauthorized attacker with physical access and bootloader that is locked to partially dump ciphertext content from arbitrary partitions (excluding keystore) via fastboot oem dump . Th...
CVE-2017-5947
The CVE-2017-5947 issue affects OnePlus devices (OnePlus One, X, 2, 3, 3T, 5) running OxygenOS 5.0 and earlier. The root cause is the ability to force a reboot into Qualcomm Emergency Download (EDL) mode via ADB or Volume-Up when USB is connected, which can enable downgrading critical partitions ...