Vulnerabilities found in OnePlus 3 and 3T bootloader

Yordan, 10 February 2017

OnePlus devices are the holy grail for fans of unlocked phones, open for tinkering. But apparently OxygenOS versions were more open than they need to be.

A security researcher found out that OxygenOS 3.2 through 4.0.1 has a vulnerability that lets anyone with two native fastboot commands to disable the verified boot feature without actually unlocking the bootloader with the user-accessible command. This means a malicious code could be run without even resetting the user data.

OnePlus 3 was upgraded to 4.0.2 and the Shenzhen-based company says it patched the vulnerability. It also started handing out 4.0.3 to OnePlus 3T owners. It brings optimized exposure for night time photos and pre-installed Amazon Prime app for India users, along with various Wi-Fi fixes.

Source | Via


Reader comments

  • Ajay
  • 14 Feb 2017
  • KiF

Received 4.0.3 upgrades today here in Indonesia.

  • Graves
  • 13 Feb 2017
  • vx6

I see you a lol player

  • AnonD-644300
  • 13 Feb 2017
  • yZt

Moto z play is better alternative though.

Popular articles


Popular devices

Electric Vehicles