OnePlus 6 has a vulnerability that leads to bootloader protection bypass

NewsMobilesOnePlus
By Simranpal Singh
Last Updated:
0

OnePlus devices, like most of the Android devices have been plagued by some sort of critical vulnerabilities over the past years. If you recall, the well-known “backdoor” vulnerability featuring the Engineering Mode app as the culprit on OnePlus 5T and its predecessors have deployed much concern regarding the security of Android devices as whole. Looks like, the latest OnePlus flagship, OnePlus 6 is also not at all devoid of such vulnerabilities.

Jason Donenfeld, president of Edge Security LLC cum a recognized developer at XDA with pseudo-name zx2c4, has discovered a vulnerability that lets an attacker flash an arbitrary modified image on even bootloader locked OnePlus 6 units. The attacker only needs the physical access of your device in order to bypass the bootloader protection measures.

Unlike the aforementioned backdoor vulnerability which requires the user to have USB Debugging already enabled to initiate the attack, in this case it’s not needed. Literally, making the situation more alarming as the attacker can grab the full access of any OnePlus 6, no matter whether secure lock is enabled or disabled on the device.

Join us on Telegram

Join us on Google News

As you can see, here the bootloader is not performing the job what it’s actually meant for. That is, to prevent the unsigned or unauthorized images to be flashed onto the system. There are even reports that, TWRP can be flashed on OnePlus 6 without unlocking the bootloader and that, in deed, is the proof of this flaw.

Since the issue has now become wide-spread and presumably hot talk of the tech-town. OnePlus is now live apparently acknowledging the issue. In a statement given to the users, OnePlus has ensured to roll-out an update soon to uproot the vulnerability from the device.

We take security seriously at OnePlus. We are in contact with the security researcher, and a software update will be rolling out shortly.” – OnePlus spokesperson

Simranpal Singh
Simranpal Singh
With a decade-long journey in the tech industry, I've been actively engaged in tech reporting across various reputable publications. He currently works as a Web Developer at RightNode Media and pursues his hobby of writing on GoAndroid. Enjoy travelling, and always excited about new tech trends. He actively contributes on GizmoChina and GChromecast Hub.
Previous article
OxygenOS 5.1.6 update for OnePlus 6 brings tons of new features and improvements
Next article
Best Custom ROMs for Xiaomi Redmi 5A (2019)
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

You Might Like

Thing you should check

Affordable Android Phones at DHgate

How To

Best Of

logo

[email protected]

Welcome to GoAndroid! We closely work with entities like Google, OnePlus, Huawei, Samsung and many others to provide real and fact based news to our users. Our motive is to stay ahead in the Android related news curve. We try our best to provide the real time news related to Android and analysis on the Gadgets. We are part of RightNode Media LLP.

Follow US

Copyright © 2024 @GoAndroid (Formerly known as GoAndroid.co.in) - Part of RightNode Media LLP