123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Technology,-Gadget-and-Science >> View Article

Vulnerabilities In Oneplus Devices

Profile Picture
By Author: Wisemonkeys
Total Articles: 277
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

A shockingly bad news have been emerged for the OnePlus lovers. On January 26, 2017, a security researcher, “ Roee Hay of Aleph Research “ had discovered four vulnerabilities that affect all OnePlus handsets, including One, X, 2, 3 and 3T. Roee and his team notified OnePlus team about four different vulnerabilities that they felt needed to be patched. Two of these have been marked as critical (CVE-2017–5948 & CVE-2017–8850) while the other two had their severity marked as high (CVE-2017–8851 & CVE-2016–10370). The team reported these to OnePlus in a responsible manner and with that came a 90-day disclosure deadline. Aleph Research went as far as to even extend this by 14 days, but they are still left unpatched. However, when OnePlus failed to release patches for the issues even after 90 days of responsible disclosure, and 14 days of additional ultimatum, the researcher decided to go public with the details of the vulnerabilities. One of the unpatched vulnerabilities allows Man-in-the-Middle (MitM) attack against OnePlus device users, allowing a remote attacker to downgrade the device’s operating system ...
... to an older version, which could then expand the attack surface for exploitation of previously disclosed now-patched vulnerabilities. Let’s see what those vulnerabilities are:

OnePlus OTA Lack Of TLS Vulnerability: CVE-2016–10370.
Roee Hay have claimed that OnePlus is rolling OS and security update over an unencrypted channel. According to them, OnePlus delivers OTA (over-the-air) updates over HTTP (Hypertext Transfer Protocol) without TLS (Transport Layer Security), enabling many to perform MitM attack on the devices.

2. OnePlus OTA Downgrade Vulnerability: CVE-2017–5948

This flaw allows a remote attacker to downgrade the operating system of a targeted OnePlus device, either running on OxygenOS or HydrogenOS, to an earlier version that may contain vulnerabilities disclosed previously. Since all the OnePlus OTAs of different ROMs and products are signed by the same digital key, the device will accept and install any OTA image, even if the bootloader is locked.

Security Researcher demonstrates how we can exploit CVE-2017–5948 & CVE-2016–10370 in order to downgrade OxygenOS from 4.1.3 to 4.0.0 via MiTM.

3. Same Product ROM Crossover (CVE-2017–8850).

This flaw allows a remote attacker to replace any version of OxygenOS on a targeted OnePlus device with any version of HydrogenOS, even on locked bootloaders. This attack is possible because of the fact that both ROMs use the same OTA verification keys.

4. Different Product ROM Crossover (CVE-2017–8851).

This flaw, which only affects OnePlus X and OnePlus One, is practically same as the above two, but in this case, a remote MiTM attacker can even replace the OS (Oxygen/Hydrogen) designed for OnePlus X with the OS (Oxygen/Hydrogen) designed for OnePlus One, even on locked bootloaders. This is because both the devices use the same OTA verification keys and share the same ro.build.product system property.

“That could theoretically allow for exploitation of vulnerabilities patched on one image but not on the other, in addition to the expansion of the attack surface,” Hay says. “Moreover, the vulnerability may result in having the device unusable until a Factory Reset is performed.”
All this flaws are still unpatched as on September 2017 despite of the fact that the researchers reported to the OnePlus team in January 2017 and then made it public in May 2017. ADVICE: I would Suggest Oneplus users to avoid connecting to untrusted networks or public Wi-Fi networks as exploitation requires the attacker and the targeted device to be on the same network Source: Aleph Security Found it Interesting? Follow Me Here : Taha Chatriwala Stay Secure ! Stay Happy !!

Wisemonkeys(https://wisemonkeys.info/), is an LMS platform with unique features like “Ask a question” and get it answers by experts within no time . It’s a mass initiative to spread knowledge worldwide, truly believe in “When we know knowledge is free then why not spread it.” From various sectors to industries, write your heart out and get noticed.

Explore Wisemonkeys now.(https://me.wisemonkeys.info/login)

For the Monkeys | By the Monkeys.

Total Views: 201Word Count: 642See All articles From Author

Add Comment

Technology, Gadget and Science Articles

1. Ssd Vs Hdd: Which Storage Drive Is Better For You?
Author: Stellar India

2. Understanding Css Preprocessors: Sass And Less
Author: SEO Niotechone Software

3. Was Ist Ein Tagerechner Und Wofür Wird Er Benutzt?
Author: Steffen Stahl

4. Is Your Business Ready For Ai-ml Development Services In 2025? Here’s How Top Services Help
Author: Ozrit Technologies

5. Web Scraping Ultra-processed Food Trends And Reviews
Author: Food Data Scrape

6. Virtual Receptionists - Opening New Opportunities For Businesses At Large
Author: Oliver Trevascus

7. Revolutionizing Manufacturing With Advanced Wood Plastic Composite Machines
Author: Machinemg

8. Essential Seo Tools To Skyrocket Your Website's Performance
Author: Mahesh

9. How Can You Benefit Out Of A Strong Customer Relation?
Author: Eliza Garran

10. Ui/ux Design For Web Applications: A Comprehensive Guide
Author: SEO Niotechone Software

11. Top 7 Benefits Of Implementing Odoo Erp For Your Business
Author: Alex Forsyth

12. Jaspersoft Consultancy For Advanced Reporting And Data Visualization Solutions
Author: Vhelical

13. 10 Common Voip Sbc Integration Hurdles (and How To Smoothly Overcome Them)
Author: Hire VoIP Developer

14. Key Features Every Partner Portal Should Have In 2025
Author: crmjetty

15. Web Scraping Menu And Pricing Data From Didi Food Mexico
Author: Food Data Scrape

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: