OnePlus 2
by Oneplus
CVEs (9)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2017-5626 | Cri | 0.64 | 9.8 | 0.03 | Mar 12, 2017 | OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset. This allows… | ||
| CVE-2016-10370 | Hig | 0.49 | 7.5 | 0.01 | May 11, 2017 | An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs (due to the digital signature), it unnecessarily increases the attack surface, and… | ||
| CVE-2017-5947 | Med | 0.44 | 6.8 | 0.00 | Mar 29, 2018 | An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading… | ||
| CVE-2017-8851 | Med | 0.38 | 5.9 | 0.00 | May 11, 2017 | An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the OnePlus One and X OTA images, the fact that both products use the same OTA verification keys, and the fact that both products share the same 'ro.build.product' system property, attackers… | ||
| CVE-2017-5948 | Med | 0.38 | 5.9 | 0.01 | May 11, 2017 | An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check that the current version is lower than or equal to the given image's. Downgrades… | ||
| CVE-2017-5622 | Med | 0.38 | 5.9 | 0.00 | Mar 26, 2017 | With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further… | ||
| CVE-2017-5625 | Med | 0.30 | 4.6 | 0.00 | Apr 25, 2017 | In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump ' fastboot command. | ||
| CVE-2020-13626 | 0.00 | — | 0.00 | Oct 9, 2020 | OnePlus App Locker through 2020-10-06 allows physically proximate attackers to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked. | |||
| CVE-2020-7958 | 0.00 | — | 0.01 | Apr 14, 2020 | An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code.… |
- risk 0.64cvss 9.8epss 0.03
OxygenOS before version 4.0.2, on OnePlus 3 and 3T, has two hidden fastboot oem commands (4F500301 and 4F500302) that allow the attacker to lock/unlock the bootloader, disregarding the 'OEM Unlocking' checkbox, without user confirmation and without a factory reset. This allows…
- risk 0.49cvss 7.5epss 0.01
An issue was discovered on OnePlus devices such as the 3T. The OnePlus OTA Updater pushes the signed-OTA image over HTTP without TLS. While it does not allow for installation of arbitrary OTAs (due to the digital signature), it unnecessarily increases the attack surface, and…
- risk 0.44cvss 6.8epss 0.00
An issue was discovered in OnePlus One, X, 2, 3, 3T, and 5 devices with OxygenOS 5.0 and earlier. The attacker can reboot the device into the Qualcomm Emergency Download (EDL) mode through ADB or by using Volume-Up when connected to USB, which in turn could allow for downgrading…
- risk 0.38cvss 5.9epss 0.00
An issue was discovered on OnePlus One and X devices. Due to a lenient updater-script on the OnePlus One and X OTA images, the fact that both products use the same OTA verification keys, and the fact that both products share the same 'ro.build.product' system property, attackers…
- risk 0.38cvss 5.9epss 0.01
An issue was discovered on OnePlus One, X, 2, 3, and 3T devices. OxygenOS and HydrogenOS are vulnerable to downgrade attacks. This is due to a lenient 'updater-script' in OTAs that does not check that the current version is lower than or equal to the given image's. Downgrades…
- risk 0.38cvss 5.9epss 0.00
With OxygenOS before 4.0.3, when a charger is connected to a powered-off OnePlus 3 or 3T device, the platform starts with adbd enabled. Therefore, a malicious charger or a physical attacker can open up, without authorization, an ADB session with the device, in order to further…
- risk 0.30cvss 4.6epss 0.00
In OxygenOS before 4.0.3 on OnePlus 3 and 3T devices, an unauthorized attacker can cause a locked bootloader to partially dump the ciphertext content of an arbitrary partition (except 'keystore') by issuing the 'fastboot oem dump ' fastboot command.
- CVE-2020-13626Oct 9, 2020risk 0.00cvss —epss 0.00
OnePlus App Locker through 2020-10-06 allows physically proximate attackers to use Google Assistant to bypass an authorization check in order to send an SMS message when the SMS application is locked.
- CVE-2020-7958Apr 14, 2020risk 0.00cvss —epss 0.01
An issue was discovered on OnePlus 7 Pro devices before 10.0.3.GM21BA. The firmware was found to contain functionality that allows a privileged user (root) in the Rich Execution Environment (REE) to obtain bitmap images from the fingerprint sensor because of Leftover Debug Code.…