VYPR
Medium severity6.6NVD Advisory· Published Mar 19, 2017· Updated Jun 17, 2026

CVE-2017-5623

CVE-2017-5623

Description

An issue was discovered in OxygenOS before 4.1.0 on OnePlus 3 and 3T devices. The attacker can change the bootmode of the device by issuing the 'fastboot oem boot_mode {rf/wlan/ftm/normal} command' in contradiction to the threat model of Android where the bootloader MUST NOT allow any security-sensitive operation to be run unless the bootloader is unlocked.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Oneplus/Oxygenos2 versions
    cpe:2.3:o:oneplus:oxygenos:*:*:*:*:*:*:*:*+ 1 more
    • cpe:2.3:o:oneplus:oxygenos:*:*:*:*:*:*:*:*range: <=4.0.3
    • (no CPE)range: <4.1.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.