Oxygenos@4.0.2 Security Vulnerabilities and Issues — Oxygenos@4.0.2 CVE List

Lucene search

OneplusOxygenos4.0.2

3 matches found

CVE•added 2017/03/12 5:59 a.m.•56 views

CVE-2017-5624

An issue was discovered in OxygenOS before 4.0.3 for OnePlus 3 and 3T. The attacker can persistently make the (locked) bootloader start the platform with dm-verity disabled, by issuing the 'fastboot oem disable_dm_verity' command. Having dm-verity disabled, the kernel will not verify the system par...

10CVSS9.4AI score0.01967EPSS

CVE•added 2017/03/26 8:59 p.m.•51 views

CVE-2017-5622

With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further exploit other vulnera...

5.9CVSS5.6AI score0.00063EPSS

CVE•added 2017/04/25 4:59 p.m.•44 views

CVE-2017-5625

In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump ' fastboot command.

4.6CVSS4.8AI score0.0008EPSS